diff --git a/add.js b/add.js
index 53dbf31..44f6c8b 100644
--- a/add.js
+++ b/add.js
@@ -1,7 +1,11 @@
 'use strict'
+/* add.js
+ * route for a client to add a peer
+*/
+
+const env = require('./env.json')
 const fs = require('fs').promises
 const wg = require('./wireguard')
-const env = require('./env.json')
 module.exports = async (req, res) => {
   const hostname = req.query['name']
@@ -82,13 +86,12 @@ module.exports = async (req, res) => {
   const ipv4_addr = `${env.IPV4_NET}.${subnet}.${host}`
   const ipv6_addr = `${env.IPV6_NET}:${subnet}:${host}`
   const keypair = await wg.generateKeypair()
-  const pubkey = keypair[0]
-  const privkey = keypair[1]
-
-  // Create [Peer] sections for each env.SERVERS
+
+  // Peer with each server
   let client_peers = []
   for (const server of env.SERVERS) {
     const psk = await wg.generatePSK()
+    // Add server to client as [Peer]
     client_peers.push(`
 [Peer] # ${server.host}.${env.TLD}
 PublicKey = ${server.pubkey}
@@ -96,9 +99,10 @@ PresharedKey = ${psk}
 AllowedIPs = ${server.ipv4}/32, ${server.ipv6}/128
 Endpoint = ${server.endpoint}
 PersistentKeepAlive = 25`)
+    // Add client to server as [Peer]
     const server_config = `\n
 [Peer] # ${hostname}.${username}.${env.TLD}
-PublicKey = ${pubkey}
+PublicKey = ${keypair[0]}
 PresharedKey = ${psk}
 AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
     if (server.host===env.LOCAL_SERVER) {
@@ -115,9 +119,9 @@ AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
   // Generate config
   const listen_port = Math.floor(50000 + Math.random() * 10000)
   const config = `[Interface]
-PrivateKey = ${privkey}
+PrivateKey = ${keypair[1]}
 Address = ${ipv4_addr}/${env.IPV4_CIDR}, ${ipv6_addr}/${env.IPV6_CIDR}
-DNS = ${req.DNS_SERVERS_STRING}
+DNS = ${res.locals.DNS_SERVERS_STRING}
 ListenPort = ${listen_port}
 PostUp = resolvectl domain ${env.TLD} ${env.TLD}
 ${client_peers.join('\n')}`
diff --git a/del.js b/del.js
index 2cb6a71..6a8af43 100644
--- a/del.js
+++ b/del.js
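Review bot: Dropping the named `pubkey`/`privkey` locals in the `@@ -82,13` hunk and reading `keypair[0]`/`keypair[1]` at the `PublicKey =` line of the `@@ -96,9` hunk and the `PrivateKey =` line of the `@@ -115,9` hunk makes the config templates harder to audit, because which half of the pair is the secret is now only an index. A destructuring assignment keeps the names at no cost in lines: `const [pubkey, privkey] = await wg.generateKeypair()` in place of `const keypair = await wg.generateKeypair()`, with the two interpolations back to `${pubkey}` and `${privkey}`. The enclosing handler starts before this hunk and ends after the last one.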
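Review bot: The `[Peer] # ${hostname}.${username}.${env.TLD}` line of `server_config` in the `@@ -96,9` hunk interpolates the request's `name` query parameter (read as `req.query['name']` at the top of the handler) into a config block that the `if (server.host===env.LOCAL_SERVER)` branch presumably applies to a server; unless it is validated somewhere in the lines not shown, a value containing a line break ends the comment and lets a caller append further keys to that server's WireGuard config. A strict allowlist check where the value is read would close this, e.g. `if (!/^[a-z0-9-]{1,63}$/i.test(hostname)) return res.sendStatus(400)`, and the same applies to `username` if it also originates from the request. Both the `for` loop and the handler extend beyond this hunk.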
@@ -1,4 +1,8 @@
 'use strict'
+/* del.js
+ * route to let clients delete a peer
+*/
+
 const fs = require('fs').promises
 const env = require('./env.json')
diff --git a/env.json b/env.json
index e4ee3cd..920edbf 100644
--- a/env.json
+++ b/env.json
@@ -1,6 +1,7 @@
 {
   "ENV": "dev",
   "PORT": 8080,
+  "ADMIN_PORT": 8081,
   "IPV4_CIDR": 16,
   "IPV4_NET": "10.4",
   "IPV6_CIDR": 80,
diff --git a/index.js b/index.js
index 7dfa10f..272b237 100644
--- a/index.js
+++ b/index.js
@@ -1,8 +1,21 @@
 'use strict'
+/* index.js
+ * Entrypoint and server listener
+*/
+
 const env = require('./env.json')
 const mw = require('./middleware.js')
-// Main
-require('express')()
-  .get('/add', mw.getRequester, mw.getDnsServers, require('./add.js'))
-  .get('/del', mw.getRequester, require('./del.js'))
+const app = require('express')()
+const admin = require('express')()
+
+app
+  .use(mw.getRequester)
+  .get('/add', mw.getDnsServers, require('./add.js'))
+  .get('/del', require('./del.js'))
   .listen(env.PORT)
+admin
+  .use(mw.getRequester)
+  .use(mw.allowServers)
+  .post('/add', require('./srv-add.js'))
+  .post('/del', require('./srv-del.js'))
+  .listen(env.ADMIN_PORT)
diff --git a/middleware.js b/middleware.js
index ee521b4..a05a160 100644
--- a/middleware.js
+++ b/middleware.js
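Review bot: In the index.js hunk the new `admin` listener is started with `.listen(env.ADMIN_PORT)` and no host argument, so the intra-server routes are reachable on every interface and `mw.allowServers` becomes the only thing separating them from ordinary clients. Binding it to the address the other servers reach this host on, `.listen(env.ADMIN_PORT, ADMIN_BIND_ADDR)` with `ADMIN_BIND_ADDR` (placeholder name) read from env.json beside the new `ADMIN_PORT`, would give the admin surface a second, independent control. It is also worth a comment above the `admin` chain that `allowServers` keys off `req.requester`, which `getRequester` derives from `req.ip`; if this app is ever deployed behind a proxy with Express's `trust proxy` enabled, that value is taken from a forwarded header rather than the socket.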
@@ -2,26 +2,48 @@
 const env = require('./env.json')
 // Get DNS Servers in a string for peer configs
-// Do this on start, not every request!
 let DNS_SERVERS = []
-for (const server of env.SERVERS.filter((server) => server.dns) ){
-  if (server.ipv4) DNS_SERVERS.push(server.ipv4)
-  if (server.ipv6) DNS_SERVERS.push(server.ipv6)
+let SERVER_IPS = []
+for (const server of env.SERVERS) {
+  if (server.ipv4) {
+    SERVER_IPS.push(server.ipv4)
+    if (server.dns) DNS_SERVERS.push(server.ipv4)
+  }
+  if (server.ipv6) {
+    SERVER_IPS.push(server.ipv6)
+    if (server.dns) DNS_SERVERS.push(server.ipv6)
+  }
 }
 const DNS_SERVERS_STRING = DNS_SERVERS.join(', ')
+const getRequester =
+
+// Actual middleware
+// These functions run every request so keep them lean
 module.exports = {
   getDnsServers: (req,res,next) => {
-    req.DNS_SERVERS_STRING = DNS_SERVERS_STRING
+    res.locals.DNS_SERVERS_STRING = DNS_SERVERS_STRING
     next()
   },
-  getRequester: (req, res, next) => {
-    req.requester = (env.ENV==='prod')
-      ?req.ip.replace('::ffff:','')
-      :'10.4.1.1'
-    next()
-  }
+  // Parse
+  getRequester: (env.ENV==='prod')?
+    (req, res, next) => {
+      req.requester = req.ip.replace('::ffff:','')
+      console.log('set requester to whaterver from',req.ip)
+      next()
+    }:
+    (req, res, next) => {
+      req.requester = '10.4.1.1'
+      console.log('set requester to 10.4.1.1')
+      next()
+    },
+
+  // Block clients, only allow servers (for intra-server peer sharing)
+  allowServers: (req, res, next) => {
+    if (SERVER_IPS.includes(req.requester)) next()
+    else res.send(404)
+  },
 }
\ No newline at end of file
diff --git a/srv-add.js b/srv-add.js
new file mode 100644
index 0000000..cba538b
--- /dev/null
+++ b/srv-add.js
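Review bot: The added `const getRequester =` line has no initializer of its own, so it silently binds to the `module.exports = { … }` expression that follows the two comment lines — the module still loads, but an unused const now aliases the whole exports object and the line reads like an unfinished edit; delete `const getRequester =` and the blank line after it. In `allowServers`, `res.send(404)` is the deprecated Express 4 numeric-status form; `else res.sendStatus(404)` sets the status and ends the response explicitly. Note too that for any `ENV` other than `prod` the second branch of `getRequester` hard-codes `req.requester = '10.4.1.1'`, so whether `allowServers` admits every caller or none in dev depends only on whether that literal happens to be in `SERVER_IPS`; a comment such as `// dev: every caller is treated as 10.4.1.1, so allowServers is not a real check here` would keep it from being mistaken for a working guard. The prod-branch log string also has a typo, `whaterver`.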
@@ -0,0 +1,13 @@
+'use strict'
+/* srv-add.js
+ * routes for intra-server peer sharing
+*/
+
+const env = require('./env.json')
+const fs = require('fs').promises
+
+module.exports = async (req, res) => {
+  const hostname = req.query['name']
+  console.log(`Received peer from ${req.requester} for ${hostname}`)
+
+}
\ No newline at end of file
diff --git a/srv-del.js b/srv-del.js
new file mode 100644
index 0000000..41f8775
--- /dev/null
+++ b/srv-del.js
@@ -0,0 +1,13 @@
+'use strict'
+/* srv-del.js
+ * routes for intra-server peer sharing
+*/
+
+const env = require('./env.json')
+const fs = require('fs').promises
+
+module.exports = async (req, res) => {
+
+
+
+}
\ No newline at end of file
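Review bot: Neither new handler ever sends a response — `srv-add.js` logs and returns, and the `srv-del.js` body below is empty — so every POST to the admin routes hangs until the caller times out; as stubs they should at least end with `res.sendStatus(501)`. The log line in `srv-add.js` also interpolates the unvalidated `name` query value, so a value containing line breaks can forge additional log entries; validating `hostname` before logging it, or logging it as `JSON.stringify(hostname)`, keeps each request to one line. Both files require `env` and `fs` without using them, which a linter will flag once the handlers are filled in.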