diff --git a/home_site.conf b/home_site.conf
new file mode 100644
index 0000000..16fcc7e
--- /dev/null
+++ b/home_site.conf
@@ -0,0 +1,53 @@
+[Interface]
+Address = 172.24.0.{SITE_ID}/32
+PrivateKey = {LOCAL_PRIVATE_KEY}
+ListenPort = 51820
+Table = off
+
+# --- 1. Global VPN Interface ---
+PostUp = ip addr add 10.{SITE_ID}.0.1/16 dev %i
+
+# --- 2. THE SHADOW MAP (10.x.168.x -> 192.168.1.x) ---
+# Map INCOMING mesh traffic (10.x.168.x) to physical LAN (192.168.1.x)
+PostUp = iptables -t nat -A PREROUTING -i %i -d 10.{SITE_ID}.168.0/24 -j NETMAP --to 192.168.1.0/24
+# Map OUTGOING LAN traffic back to its "Shadow IP" so the return path works
+PostUp = iptables -t nat -A POSTROUTING -o %i -s 192.168.1.0/24 -j NETMAP --to 10.{SITE_ID}.168.0/24
+# Force the kernel to treat this shadow range as local
+PostUp = ip route add local 10.{SITE_ID}.168.0/24 dev lo
+
+# --- 3. LAN To Mesh Access ---
+# Masquerade outbound LAN traffic headed to the 10.0.0.0/8 mesh
+PostUp = iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o %i -j MASQUERADE
+
+# --- 4. Policy Based Routing (Exits) ---
+PostUp = ip route add default via 10.5.0.1 dev %i table offshore
+PostUp = ip route add default via 172.24.0.1 dev %i table us_vps
+# Safety: Don't route local LAN traffic through the offshore/US tunnels
+PostUp = ip route add 192.168.1.0/24 dev eth0 table offshore
+PostUp = ip route add 192.168.1.0/24 dev eth0 table us_vps
+
+# --- 5. Mesh Routing ---
+PostUp = ip route add 10.0.0.0/8 dev %i
+PostUp = ip route add 172.24.0.0/13 dev %i
+
+# --- 6. Kernel Hardening for Routing ---
+PostUp = sysctl -w net.ipv4.ip_forward=1
+PostUp = sysctl -w net.ipv4.conf.all.rp_filter=0
+PostUp = sysctl -w net.ipv4.conf.eth0.rp_filter=0
+PostUp = sysctl -w net.ipv4.conf.%i.rp_filter=0
+
+# --- PEERS ---
+
+# Site 10.1: The Hub / US Exit Node
+[Peer]
+PublicKey = QZCvR3N1CdUabC2xWfc1lmYKHfSiXYs1UoVINIMftws=
+Endpoint = {HUB_PUBLIC_IP}:51820
+# AllowedIPs covers the whole mesh + everything else for the exit tables
+AllowedIPs = 172.24.0.0/16, 10.0.0.0/8, 0.0.0.0/0
+PersistentKeepalive = 25
+
+# Site 10.5: Netherlands (Offshore Exit)
+[Peer]
+PublicKey = UoKnYszqcFl9ByfKmCS+sOTnVGjQ3II9ApuG/F+LuAk=
+Endpoint = nl.wgnode.com:51871
+AllowedIPs = 172.24.0.5/32, 10.5.0.0/16, 0.0.0.0/0
\ No newline at end of file
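Review bot: `AllowedIPs = 0.0.0.0/0` is listed on both [Peer] blocks at the end of the hunk, but WireGuard's cryptokey routing lets exactly one peer own a prefix, so when the second peer is configured 0.0.0.0/0 is moved off the hub and every default-routed packet — including what the `us_vps` table sends via 172.24.0.1 — is encrypted to the Netherlands peer, so the US exit silently egresses offshore. Two full-tunnel exits need either one WireGuard interface per exit or a single catch-all peer; the intent should be made explicit rather than left to last-peer-wins. Section 6 is labelled hardening, yet `net.ipv4.conf.all.rp_filter=0` disables reverse-path anti-spoofing on every interface; loose mode, `PostUp = sysctl -w net.ipv4.conf.all.rp_filter=2` (and `2` on the eth0 and %i lines), is normally enough for the asymmetric NETMAP paths this file creates. There are no PostDown lines, so every `wg-quick up` appends another copy of each `-A` NAT rule and the `ip route add local ... dev lo` entry survives the tunnel going down; each PostUp that adds state should have a matching `PostDown` using `-D` / `del`. `ip_forward=1` is also enabled without any FORWARD-chain filter rule, so how much of 192.168.1.0/24 the 10.0.0.0/8 mesh can reach depends on the host's FORWARD policy, which this file does not show.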