diff --git a/hosts/kittykat/configuration.nix b/hosts/kittykat/configuration.nix
index ab43bf6..157f20f 100644
--- a/hosts/kittykat/configuration.nix
+++ b/hosts/kittykat/configuration.nix
@@ -10,6 +10,7 @@
     ../../modules/nixos/networking/ssh.nix
     ../../modules/nixos/users/tulg.nix
     ./traefik.nix
+    #../../modules/home-manager/cli/default.nix
   ];
 
   networking.hostName = "kittykat";
@@ -21,9 +22,9 @@
   services.xray-3x-ui = {
     enable = true;
     port = 2053;
-    openFirewall = true;
+    openFirewall = false;
   };
-
+  networking.firewall.allowedTCPPorts = [45544 22];
   services.vaultwarden = {
     enable = true;
 
@@ -33,6 +34,9 @@
       ROCKET_PORT = 8222;
     };
   };
+  programs.bash.interactiveShellInit = ''
+    PS1="\[\e[38;5;177m\]\u\[\e[0m\]@\[\e[38;5;220m\]\h\[\e[0m\] \[\e[38;5;33m\]\w\[\e[0m\] \$ "
+  '';
 
   nixpkgs.config.allowUnfree = true;
   nix.settings.experimental-features = ["nix-command" "flakes"];
diff --git a/hosts/kittykat/traefik.nix b/hosts/kittykat/traefik.nix
index c05adcc..9d3bcdf 100644
--- a/hosts/kittykat/traefik.nix
+++ b/hosts/kittykat/traefik.nix
@@ -3,6 +3,9 @@
     enable = true;
     allowedTCPPorts = [80 443];
   };
+  networking.firewall.extraInputRules = ''
+    tcp dport 2053 drop
+  ''; #fuck off
 
   services.traefik = {
     enable = true;
diff --git a/modules/home-manager/cli/shell.nix b/modules/home-manager/cli/shell.nix
index 98ea0f0..f07cfb1 100644
--- a/modules/home-manager/cli/shell.nix
+++ b/modules/home-manager/cli/shell.nix
@@ -7,7 +7,7 @@
       rb = "sudo nixos-rebuild switch --flake ~/nixdots#";
       nixtest = "sudo nixos-rebuild test --flake ~/nixdots#";
       infect = "nix run github:nix-community/nixos-anywhere -- -- flake";
-      deploy = "nix run github:serokell/deploy-rs --"; #  deploy .#kittykat
+      deploy = "nix run github:serokell/deploy-rs --"; #  deploy
     };
 
     bashrcExtra = ''