diff --git a/logical/ascanius.nix b/logical/ascanius.nix
index 3d24c05..c7f5c52 100644
--- a/logical/ascanius.nix
+++ b/logical/ascanius.nix
@@ -13,13 +13,11 @@
 "https://cache.nixos.org"
 "https://disciplina.cachix.org"
 ];
- binaryCachePublicKeys = [
- "serokell:ic/49yTkeFIk4EBX1CZ/Wlt5fQfV7yCifaJyoM+S3Ss="
- "disciplina.cachix.org-1:zDeIFV5cu22v04EUuRITz/rYxpBCGKY82x0mIyEYjxE="
- ];
 };
 users.users.lars = {
 isNormalUser = true;
- openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBze0fBV/Fpz9bz1WKkbPlj8h526ZfduOcQVlA+7j0+yzlT+jX6nLNjXNmIi6JZoERj8lG4/avkagldj+wwqWrKM2xOMgIUx34i+br5+U4Y7DedljfPV9k8eE55SI4BjfO697V7BhHP4eooRUjNVmqSmRAld06hJzMj7irGWHK+RPrK0M1BvGgSV5pL50jzQGd2unxvNuxSk1rWBNfNEGt6ok0G8/ud0Gw5QbcYWzbbnKBB8JsgBct22txtcgVbRyqftD+vpFl0Oyq4tiQbSHqa8qpFyV/wTf4Cs1Zz7WrqH+2xfx+oUsCOfMKuvCI8FKtriAWEmfOM42bBi50v2kj" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBze0fBV/Fpz9bz1WKkbPlj8h526ZfduOcQVlA+7j0+yzlT+jX6nLNjXNmIi6JZoERj8lG4/avkagldj+wwqWrKM2xOMgIUx34i+br5+U4Y7DedljfPV9k8eE55SI4BjfO697V7BhHP4eooRUjNVmqSmRAld06hJzMj7irGWHK+RPrK0M1BvGgSV5pL50jzQGd2unxvNuxSk1rWBNfNEGt6ok0G8/ud0Gw5QbcYWzbbnKBB8JsgBct22txtcgVbRyqftD+vpFl0Oyq4tiQbSHqa8qpFyV/wTf4Cs1Zz7WrqH+2xfx+oUsCOfMKuvCI8FKtriAWEmfOM42bBi50v2kj"
+ ];
 };
 }
diff --git a/logical/jarvis.nix b/logical/jarvis.nix
index 68fa02f..7bcd0c7 100644
--- a/logical/jarvis.nix
+++ b/logical/jarvis.nix
@@ -8,8 +8,6 @@
 system.stateVersion = "17.09";
- #networking.enableIPv6 = lib.mkOverride 30 true;
-
 services.xserver.displayManager.sessionCommands = ''
 ${pkgs.xorg.xrandr}/bin/xrandr --dpi 192
diff --git a/logical/pennyworth.nix b/logical/pennyworth.nix
index 1605c7f..718f8fb 100644
--- a/logical/pennyworth.nix
+++ b/logical/pennyworth.nix
@@ -11,8 +11,6 @@
 ../modules/muflax-blog.nix
 ];
- networking.enableIPv6 = lib.mkOverride 30 true;
-
 system.stateVersion = "16.03";
 services.nginx.enable = true;
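Review bot: In logical/ascanius.nix the `binaryCachePublicKeys` list is removed while `"https://disciplina.cachix.org"` stays in the cache list shown as context just above it. The disciplina key is added to roles/workstation.nix in this same commit, so this keeps working only if ascanius imports that role, which the hunk does not show; without a trusted key Nix will ignore substitutes from that cache because their signatures cannot be verified. I would leave a comment at the removal site such as `# cache signing keys are set in roles/workstation.nix`, or keep the disciplina key here. The attribute set that holds these lists opens above the hunk.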
diff --git a/physical/nixos-hardware.nix b/physical/nixos-hardware.nix
new file mode 100644
index 0000000..bb469e6
--- /dev/null
+++ b/physical/nixos-hardware.nix
@@ -0,0 +1,4 @@
+builtins.fetchTarball {
+ url = "https://github.com/NixOS/nixos-hardware/archive/d534770be7f699b3332ef09bd043745a38d115ad.tar.gz";
+ sha256 = "0h4xzs0bp0v01rzqm023ia2rgmcxv32jdiinp7ylxxh384vf5h0h";
+}
diff --git a/physical/xps9360-hardware-config.nix b/physical/xps9360-hardware-config.nix
new file mode 100644
index 0000000..87673e6
--- /dev/null
+++ b/physical/xps9360-hardware-config.nix
@@ -0,0 +1,30 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "rtsx_pci_sdmmc" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/a751e4ea-f1aa-48e1-9cbe-423878e29b62";
+ fsType = "btrfs";
+ };
+
+ boot.initrd.luks.devices."nix-crypt".device = "/dev/disk/by-uuid/320ef81d-283f-4916-ac26-ecfb0f31e549";
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/0E07-7805";
+ fsType = "vfat";
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/d9c4c15b-0e9c-47f6-8675-93b1b8de5f9d"; }
+ ];
+
+ nix.maxJobs = lib.mkDefault 4;
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}
diff --git a/roles/default.nix b/roles/default.nix
index 6951e52..d104423 100644
--- a/roles/default.nix
+++ b/roles/default.nix
@@ -21,15 +21,6 @@ in
 };
 services.timesyncd.enable = true;
- services.fail2ban.enable = true;
- # ban repeat offenders longer
- services.fail2ban.jails.recidive = ''
- filter = recidive
- action = iptables-allports[name=recidive]
- maxretry = 5
- bantime = 604800 ; 1 week
- findtime = 86400 ; 1 day
- '';
 users.extraUsers.yorick = {
 isNormalUser = true;
 uid = 1000;
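Review bot: physical/nixos-hardware.nix pins the tarball by commit and `sha256`, but nothing in the file records that the two values belong together or how the hash was produced. A short header comment would make the next bump safer, for example `# nixos-hardware pinned by commit; when bumping, change url and sha256 together (nix-prefetch-url --unpack <url>)`. The hash is what ties the fetched content to a reviewed revision, so the comment should also say that it must not be dropped to "fix" a mismatch.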
@@ -50,7 +41,7 @@ in
 '';
 # Networking
- networking.enableIPv6 = false;
+ networking.enableIPv6 = true;
 services.openssh = {
 enable = true;
diff --git a/roles/server.nix b/roles/server.nix
index 07c8ef4..b8fe7f3 100644
--- a/roles/server.nix
+++ b/roles/server.nix
@@ -2,6 +2,7 @@
 imports = [ ];
 services.nixosManual.enable = false;
+ services.sshguard.enable = true;
 environment.noXlibs = true;
 networking.firewall.logRefusedConnections = false; # Silence logging of scanners and knockers
diff --git a/roles/workstation.nix b/roles/workstation.nix
index 052676d..2258666 100644
--- a/roles/workstation.nix
+++ b/roles/workstation.nix
@@ -26,15 +26,20 @@
 "https://cache.nixos.org"
 ];
 trustedBinaryCaches = config.nix.binaryCaches ++ [
- "https://builder.serokell.io"
+ "ssh://yorick@jupiter.serokell.io"
+ "ssh-ng://jupiter"
 "https://cache.lumi.guide"
+ "https://serokell.cachix.org"
 ];
 binaryCachePublicKeys = [
 "serokell:ic/49yTkeFIk4EBX1CZ/Wlt5fQfV7yCifaJyoM+S3Ss="
+ "serokell-1:aIojg2Vxgv7MkzPJoftOO/I8HKX622sT+c0fjnZBLj0="
 "cache.lumi.guide-1:z813xH+DDlh+wvloqEiihGvZqLXFmN7zmyF8wR47BHE="
+ "serokell.cachix.org-1:5DscEJD6c1dD1Mc/phTIbs13+iW22AVbx0HqiSb+Lq8="
+ "disciplina.cachix.org-1:zDeIFV5cu22v04EUuRITz/rYxpBCGKY82x0mIyEYjxE="
 ];
- #extraOptions = ''
- # netrc-file = ${nixnetrc}
- #'';
+ extraOptions = ''
+ netrc-file = ${nixnetrc}
+ '';
 };
 }
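Review bot: The flip to `networking.enableIPv6 = true;` in roles/default.nix applies to every host that imports this role, and `services.openssh` is enabled in the context lines directly below it. Hosts that were previously reachable only through IPv4 NAT may now get a globally routable address, so sshd and every port the firewall allows become reachable over v6 as well. I would put a comment on the line, e.g. `# IPv6 on for all hosts; firewall rules and SSH rate limiting must cover v6 too`, and re-check any host that sets its own firewall options. The `services.openssh` block continues past the end of the hunk.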
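Review bot: `services.sshguard.enable = true;` is added only in roles/server.nix, while the fail2ban block, including the one-week `recidive` jail, is removed from roles/default.nix, where `services.openssh` is enabled. Any host that imports the default role but not the server role, presumably the workstations, is left with an SSH daemon and no brute-force blocking. Either move the line into roles/default.nix next to `services.openssh`, or add a comment stating that non-server hosts rely on key-only login and confirm password authentication is disabled there. The removed jail also banned repeat offenders for a week; if that behaviour is still wanted, sshguard's block time and blacklist settings need to be set explicitly rather than left at their defaults.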
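Review bot: Un-commenting `netrc-file = ${nixnetrc}` in roles/workstation.nix is the line to check first: `nixnetrc` is defined outside this hunk, and if it is a path or derivation, interpolating it copies the credentials file into the world-readable Nix store. Pointing the option at a file outside the store is safer, e.g. `netrc-file = /etc/nix/netrc` with that file provisioned root-only. Separately, the old `serokell:` key stays trusted although `https://builder.serokell.io` is removed from `trustedBinaryCaches`; if `serokell-1:` replaces it, drop the old entry, since each key in `binaryCachePublicKeys` is accepted for paths from any configured cache. The enclosing `nix = { … }` set opens above the hunk.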