diff --git a/machines/orbi/configuration.nix b/machines/orbi/configuration.nix
index ac1fb83..4d151b6 100644
--- a/machines/orbi/configuration.nix
+++ b/machines/orbi/configuration.nix
@@ -1,6 +1,8 @@
-{ lib, config, pkgs, ... }: {
+{ lib, config, pkgs, modulesPath, ... }: {
   imports = [
 
+    (modulesPath + "/profiles/hardened.nix")
+
     ./hardware-configuration
 
     ../../system/all/defaults.nix
@@ -33,6 +35,7 @@
     ./social-matrix-terranix.nix
 
   ];
+
   services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
 
   networking.hostName = "orbi";
@@ -48,13 +51,12 @@
   components.network.sshd.sshguard.enable = false;
 
   features.boot.ssh.enable = true;
-  features.boot.tor.enable = true;
 
   components.monitor.enable = true;
-  networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
-  networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];
   components.monitor.opentelemetry.receiver.endpoint = "0.0.0.0:4317";
   components.monitor.opentelemetry.exporter.endpoint = "10.100.0.2:4317"; # chnungus
+  networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
+  networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];
 
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "contact@ingolf-wagner.de";
diff --git a/machines/orbi/hardware-configuration/hardware-configuration.nix b/machines/orbi/hardware-configuration/hardware-configuration.nix
index 842c19e..bcdc404 100644
--- a/machines/orbi/hardware-configuration/hardware-configuration.nix
+++ b/machines/orbi/hardware-configuration/hardware-configuration.nix
@@ -4,11 +4,7 @@
 { config, lib, pkgs, modulesPath, ... }:
 
 {
-  imports =
-    [
-      (modulesPath + "/installer/scan/not-detected.nix")
-      (modulesPath + "/profiles/hardened.nix")
-    ];
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" ];
   boot.initrd.kernelModules = [ ];