diff --git a/flakes/common/nix_modules/tailnet.nix b/flakes/common/nix_modules/tailnet.nix
index 9351576b..fe9e9be8 100644
--- a/flakes/common/nix_modules/tailnet.nix
+++ b/flakes/common/nix_modules/tailnet.nix
@@ -20,6 +20,16 @@
       "--no-logs-no-support"
     ];
   };
+
+  systemd.services.tailscaled = {
+    after = [
+      "systemd-modules-load.service"
+      "dev-net-tun.device"
+    ];
+    wants = [ "dev-net-tun.device" ];
+    requires = [ "dev-net-tun.device" ];
+  };
+
   networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
   networking.firewall.checkReversePath = "loose";
 }