diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix
index fe5be3c..4885e94 100644
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@@ -74,8 +74,11 @@ in {
     };
 
     services = {
-      node_exporter.enable = true;
       sshguard.enable = false;
+      node_exporter = {
+        enable = true;
+        extraSubnets = [myData.subnets.vno1.cidr];
+      };
       tailscale = {
         enable = true;
         silenceLogs = true;
diff --git a/modules/services/node_exporter/default.nix b/modules/services/node_exporter/default.nix
index 3703e55..594fe59 100644
--- a/modules/services/node_exporter/default.nix
+++ b/modules/services/node_exporter/default.nix
@@ -3,12 +3,18 @@
   lib,
   myData,
   ...
-}: {
+}: let
+  cfg = config.mj.services.node_exporter;
+in {
   options.mj.services.node_exporter = with lib.types; {
     enable = lib.mkEnableOption "Enable node_exporter";
+    extraSubnets = lib.mkOption {
+      type = listOf str;
+      default = [];
+    };
   };
 
-  config = lib.mkIf config.mj.services.node_exporter.enable {
+  config = lib.mkIf cfg.enable {
     services.prometheus.exporters.node = {
       enable = true;
       enabledCollectors = ["systemd" "processes"];
@@ -29,7 +35,7 @@
 
     mj.services.friendlyport.ports = [
       {
-        subnets = [myData.subnets.tailscale.cidr];
+        subnets = [myData.subnets.tailscale.cidr] ++ cfg.extraSubnets;
         tcp = [myData.ports.exporters.node];
       }
     ];