diff --git a/hosts/vm/reverseproxy/reverseproxy.nix b/hosts/vm/reverseproxy/reverseproxy.nix
index f2ca654..306e785 100644
--- a/hosts/vm/reverseproxy/reverseproxy.nix
+++ b/hosts/vm/reverseproxy/reverseproxy.nix
@@ -69,13 +69,26 @@ let
 
 antiBot = formatYAML.generate "antibot.yaml" [
 {
- import = "${anubisBotsMirror}";
+ name = "whitelist-crans";
+ action = "ALLOW";
+ remote_addresses = [
+ "185.230.79.0/22"
+ "2a0c:700::/32"
+ "46.105.102.188/32"
+ "2001:41d0:2:d5bc::/128"
+ ];
 }
 {
 # On refuse les bots qui font souvent de la merde.
 # https://github.com/TecharoHQ/anubis/blob/main/data/bots/deny-pathological.yaml
 import = "(data)/bots/_deny-pathological.yaml";
 }
+ {
+ # allow google-inspection pour indexer les pages
+ name = "google-inspection-tool";
+ action = "ALLOW";
+ user_agent_regex = ".*Google-InspectionTool.*";
+ }
 {
 # On autorise les indexers des moteurs de recherche.
 # https://github.com/TecharoHQ/anubis/blob/main/data/crawlers/_allow-good.yaml
@@ -190,8 +203,8 @@ in
 ];
 };
 "wiki" = {
- anubisConfig = "${anubisChallenge}";
- target = "[fd00::10:0:ff:fe01:6110]"; # l'ipv4 marche pas
+ ## anubisConfig = "${anubisChallenge}";
+ target = "172.16.10.161";
 serverAliases = [
 "wikipedia"
 ];
diff --git a/modules/services/reverseproxy.nix b/modules/services/reverseproxy.nix
index fac16cd..416f370 100644
--- a/modules/services/reverseproxy.nix
+++ b/modules/services/reverseproxy.nix
@@ -20,6 +20,16 @@ let
 ];
 };
 
+ open_graph = formatJSON.generate "opengraph.json" {
+ openGraph = [
+ {
+ enabled = true;
+ considerHost = true;
+ ttl = "24h";
+ }
+ ];
+ };
+
 mainTld = "org";
 otherTld = [
 "fr"
@@ -73,6 +83,14 @@ in
 example = "/var/www/anubis.conf";
 };
 
+ anubisOpenGraph = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Activer openGraph pour l'indexation et l'embedding
+ '';
+ };
+
 httpOnly = mkOption {
 type = types.bool;
 default = false;
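Review bot: The `google-inspection-tool` rule added to `antiBot` in hosts/vm/reverseproxy/reverseproxy.nix allows on `user_agent_regex` alone, so any client that sends a User-Agent containing `Google-InspectionTool` skips the challenge; that header is entirely client-controlled. If the deployed Anubis version accepts `remote_addresses` alongside `user_agent_regex` in one rule (the bundled crawler definitions appear to be written that way), pinning the rule to Google's published crawler ranges would keep the exemption for the real tool only. In the `whitelist-crans` rule, `"185.230.79.0/22"` is not aligned on a /22 boundary (the network address is 185.230.76.0); if the whole /22 is meant, `"185.230.76.0/22"` states it unambiguously. That rule is only as reliable as the client address nginx reports, so it should be read together with the `set_real_ip_from` lines added in modules/services/reverseproxy.nix. The rule list continues outside the hunk.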
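Review bot: Commenting out `anubisConfig` on the `"wiki"` vhost (hunk `@@ -190,8 +203,8 @@`) leaves it on the module default, and the `POLICY_FNAME` line in modules/services/reverseproxy.nix falls back to `${allowAll}` when `anubisConfig` is empty, so the wiki presumably ends up with no challenge policy at all (the option's default is not visible here). If that is intended, delete the line instead of keeping `## anubisConfig = ...`, or replace it with a comment that gives the reason and the condition for restoring it, e.g. `# challenge disabled on purpose: <reason>; re-enable once <condition>`. The old `# l'ipv4 marche pas` remark disappears with the switch to `172.16.10.161` without saying what changed, so a short comment on `target` would help the next reader. The `"wiki"` attribute set continues outside the hunk.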
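Review bot: `open_graph` in modules/services/reverseproxy.nix (hunk `@@ -20,6 +20,16 @@`) is bound but not referenced in any hunk of this commit. The OpenGraph settings that take effect are the `OG_*` variables added in the `@@ -128,6 +146,11 @@` hunk, which repeat the same `"24h"` and consider-host values by hand. Either drop the binding or derive the environment values from a single definition so the two cannot drift apart. The definition of `formatJSON` is not visible in these lines and should be confirmed to exist in the `let` block.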
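Review bot: `anubisOpenGraph` is declared with `default = true;`, so every existing virtual host starts passing OpenGraph metadata through as soon as this lands, not only the sites that want link previews. As I understand the feature, passthrough makes Anubis show the target page's OpenGraph tags (title, description, image) to clients that have not passed the challenge, which may be unwanted for vhosts with non-public content. Consider `default = false;` with opt-in per vhost, and have the `description` state what is exposed to unchallenged clients.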
@@ -128,6 +146,11 @@ in
 COOKIE_DOMAIN = "crans.org";
 REDIRECT_DOMAINS = "${vhostName}.crans.org";
 SOCKET_MODE = "0660";
+ # OpenGraph config
+ OG_PASSTHROUGH = vhostConfig.anubisOpenGraph;
+ OG_EXPIRY_TIME = "24h";
+ OG_CACHE_CONSIDER_HOST = true;
+ # Policy config
 POLICY_FNAME = if (vhostConfig.anubisConfig == "") then "${allowAll}" else vhostConfig.anubisConfig;
 };
 }) cfg.virtualHosts;
@@ -147,6 +170,11 @@ in
 proxyWebsockets = vhostConfig.proxyWebsockets;
 };
 serverName = "${vhostName}.crans.${mainTld}";
+ extraConfig = "
+ set_real_ip_from 172.16.0.0/16;
+ set_real_ip_from fd00::/56;
+ real_ip_header X-Real-Ip;
+ ";
 }
 ) cfg.virtualHosts;
 
@@ -165,6 +193,11 @@ in
 listen = [
 { addr = "unix:/run/nginx/nginx-${vhostName}.sock"; }
 ];
+ serverName = "${vhostName}.crans.${mainTld}";
+ extraConfig = "
+ set_real_ip_from unix:;
+ real_ip_header X-Real-IP;
+ ";
 }) cfg.virtualHosts;
 
 # Configuration des alias .fr et .eu
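Review bot: In the `@@ -147,6 +170,11 @@` hunk, `set_real_ip_from 172.16.0.0/16;` and `set_real_ip_from fd00::/56;` make what appears to be the front vhost accept `X-Real-Ip` from any host in those ranges, and the resulting address is presumably what the new `whitelist-crans` `remote_addresses` rule is matched against. Any machine in those networks that can reach nginx could then present an allowlisted address, so listing only the actual upstream proxies would narrow that trust. It is also worth confirming that the proxy location overwrites `X-Real-IP` with `$remote_addr` before the request reaches Anubis, since the socket vhost in the `@@ -165,6 +193,11 @@` hunk trusts that header from `unix:`; neither the location nor the socket permissions are visible here. Smaller points: the header is spelled `X-Real-Ip` in one hunk and `X-Real-IP` in the other, and a `''`-quoted string is the usual Nix form for a multi-line `extraConfig`.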