diff --git a/components/network/fail2ban.nix b/components/network/fail2ban.nix
index 93c8235..707eadb 100644
--- a/components/network/fail2ban.nix
+++ b/components/network/fail2ban.nix
@@ -11,6 +11,7 @@ with lib;
 environment.systemPackages = [ pkgs.fail2ban pkgs.ipset ];
 services.fail2ban = {
 enable = true;
+ #package = pkgs.legacy_2311.fail2ban;
 jails = { };
 };
 })
diff --git a/components/network/sshd/default.nix b/components/network/sshd/default.nix
index 8498d89..40293af 100644
--- a/components/network/sshd/default.nix
+++ b/components/network/sshd/default.nix
@@ -74,6 +74,7 @@ in
 (mkIf cfg.sshguard.enable {
 environment.systemPackages = [ pkgs.ipset ];
 services.sshguard.enable = lib.mkDefault true;
+ #boot.kernelModules = ["xt_set"];
 })
 (mkIf (cfg.onlyTincAccess && cfg.enable) {
diff --git a/components/nixos/tor-ssh.nix b/components/nixos/tor-ssh.nix
index 26acf6d..9af78bb 100644
--- a/components/nixos/tor-ssh.nix
+++ b/components/nixos/tor-ssh.nix
@@ -64,7 +64,7 @@ with types;
 #};
 # tor setup
- clan.core.facts.services.initrd_tor = factsGenerator.tor { name = "initrd"; };
+ clan.core.facts.services.initrd_tor = factsGenerator.tor { name = ""; };
 boot.initrd.secrets = {
 "/etc/tor/onion/bootup/tor.priv" = config.clan.core.facts.services.initrd_tor.secret."tor.initrd.priv".path;
diff --git a/flake.nix b/flake.nix
index c967a6c..faf6404 100644
--- a/flake.nix
+++ b/flake.nix
@@ -462,8 +462,8 @@
 homeManagerModules
 stylixModules
 srvos.nixosModules.hardware-hetzner-online-intel
- srvos.nixosModules.server
- srvos.nixosModules.mixins-terminfo
+ #srvos.nixosModules.server
+ #srvos.nixosModules.mixins-terminfo
 {
 # not needed for servers in general
 boot.initrd.systemd.emergencyAccess = false;
diff --git a/machines/orbi/configuration.nix b/machines/orbi/configuration.nix
index b15880f..6e26d38 100644
--- a/machines/orbi/configuration.nix
+++ b/machines/orbi/configuration.nix
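Review bot: The added line `#package = pkgs.legacy_2311.fail2ban;` in components/network/fail2ban.nix is commented-out configuration with no stated reason, and the same goes for `#boot.kernelModules = ["xt_set"];` in the sshguard block of components/network/sshd/default.nix. Both sit in the brute-force-protection path, so a later reader cannot tell an abandoned experiment from a workaround that is still needed; if bans on these hosts rely on the ipset match module being loaded (not visible in this diff), the disabled line is worth checking on a running machine. Either delete the lines or keep each with a reason, for example `# xt_set: enable if ipset-based bans fail to load (<reason placeholder>)`. Both enclosing blocks start outside their hunks.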
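Review bot: In components/nixos/tor-ssh.nix the generator is now called with `name = ""`, while the `boot.initrd.secrets` entry directly below still reads `initrd_tor.secret."tor.initrd.priv"`. If factsGenerator.tor derives the secret's name from `name` (its definition is not part of this diff), that attribute no longer exists, and the initrd onion key would either fail evaluation or never be provisioned. Keep `name = "initrd";` or update the secret reference in the same commit, with a short comment on why the name changed. The module body continues outside the hunk.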
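Review bot: In flake.nix the hunk at line 462 turns `srvos.nixosModules.server` and `srvos.nixosModules.mixins-terminfo` into comments for a host that still imports the Hetzner hardware module, and gives no reason. Whatever baseline the server profile supplied to this machine goes away with it; if that included SSH or other hardening defaults (not visible here), they should now be set explicitly in the machine configuration. Add a one-line reason above the disabled entries, e.g. `# srvos server profile disabled: <reason placeholder>`, or remove the lines and record the reason in the commit message. The module list starts and ends outside the hunk.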
@@ -53,6 +53,9 @@
 components.network.fail2ban.enable = true;
 components.network.sshd.sshguard.enable = false;
+ components.nixos.boot.enable = true;
+ components.nixos.boot.tor.enable = false;
+ components.monitor.enable = true;
 networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
 networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];