diff --git a/configuration.nix b/configuration.nix index 9c85719..4347154 100644 --- a/configuration.nix +++ b/configuration.nix @@ -69,6 +69,9 @@ services.avahi.enable = true; + services.tuptime.enable = true; + services.tuptime.timer.enable = true; + # Configure keymap in X11 # services.xserver.xkb.layout = "us"; # services.xserver.xkb.options = "eurosign:e,caps:escape"; @@ -129,7 +132,6 @@ chezmoi czkawka delta - docker fastfetch file fzf @@ -150,9 +152,11 @@ nodePackages.nodejs nodePackages.pnpm ripgrep + yazi sheldon starship tmux + tealdeer viddy wget zoxide @@ -209,12 +213,21 @@ PermitRootLogin = "prohibit-password"; PasswordAuthentication = false; }; + allowSFTP = true; # extraConfig = '' # Match User git # ForceCommand ssh git@localhost -p 2221 -o StrictHostKeyChecking=no # ''; }; - + services.fail2ban = { + enable = true; + ignoreIP = [ + "10.0.0.0/8" + "172.16.0.0/12" + "192.168.0.0/16" + ]; + bantime-increment.enable = true; + }; virtualisation.docker = { storageDriver = "overlay2"; enableOnBoot = true; @@ -226,8 +239,11 @@ # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. + # TODO: networking.firewall = { enable = false; + allowedUDPPorts = [22 80 443 2222 25565]; + allowedTCPPorts = [22 80 443 2222 25565]; }; systemd.timers."qbittorrent-healthcheck" = { 
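Review bot: The `ignoreIP` list in the new `services.fail2ban` block exempts every RFC 1918 range, so a client whose source address falls in 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 is never banned. That includes Docker's default bridge networks (`virtualisation.docker` is configured just below). If sshd is reached through a NAT or proxy hop, which this diff does not show, all outside traffic could appear to come from an exempt address. Narrow the list to the hosts you actually administer from, for example `ignoreIP = [ "192.168.1.0/24" ];` (a constructed value; substitute your own admin subnet). A short comment above the list saying why each range is exempt would help the next reader.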
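Review bot: `enable = false;` is kept in `networking.firewall`, so the `allowedTCPPorts` and `allowedUDPPorts` lists added here are never applied and every listening port on the host stays reachable. The bare `# TODO:` suggests this is known; the fix is `enable = true;` with the lists kept. The UDP list is a copy of the TCP one, and 22, 80 and 2222 look like TCP-only services from what this file shows, so trim `allowedUDPPorts` to what actually needs UDP. It is also worth confirming that the fail2ban service enabled in the previous hunk still enforces its bans with the NixOS firewall off, since it relies on a packet filter to do so.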
@@ -253,6 +269,18 @@ }; wantedBy = ["graphical.target"]; }; + systemd.services.sshdAlert = { + enable = true; + unitConfig = { + Requires = "sshd.service"; + }; + serviceConfig = { + ExecStart = '' + ${pkgs.curl}/bin/curl --request POST --url https://discord.com/api/webhooks/1235751608046846012/CU7tz271Z3Rbq9mPV0_rB5RBCRDhLKhGH14ebBm-TePpWFqKKJaCRYVMHYTJsIaSq2H- --header 'Content-Type: application/json' --data '{"username": "Auxin SSH status","avatar_url": "https://pbs.twimg.com/media/GMPtuovaQAAQ7Qr?format=png&name=large","content": "SSHD is Running!"}' + ''; + }; + wantedBy = ["multi-user.target"]; + }; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. diff --git a/flake.lock b/flake.lock index fa62f4a..63dcee5 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1710272261, - "narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=", + "lastModified": 1712439257, + "narHash": "sha256-aSpiNepFOMk9932HOax0XwNxbA38GOUVOiXfUVPOrck=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0ad13a6833440b8e238947e47bea7f11071dc2b2", + "rev": "ff0dbd94265ac470dda06a657d5fe49de93b4599", "type": "github" }, "original": {
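Review bot: The `ExecStart` of the new `systemd.services.sshdAlert` unit in configuration.nix embeds a full Discord webhook URL, token included. It is now in git history and will be copied into the world-readable Nix store with the generated unit. Anyone who has that URL can post to the channel, so treat it as leaked: revoke and reissue the webhook, then load it at runtime from a root-only file outside the store. Separately, `Requires = "sshd.service"` without `After=` does not order the unit after sshd, and without `Type = "oneshot"` the alert only says this unit was started, not that sshd is accepting connections. The sketch below keeps the URL off the command line by reading it from a curl config file; the credential path is a placeholder.

```nix
systemd.services.sshdAlert = {
  # … unchanged: enable, wantedBy …
  unitConfig = {
    Requires = "sshd.service";
    After = "sshd.service";
  };
  serviceConfig = {
    Type = "oneshot";
    # PLACEHOLDER path: root-only file containing a single line  url = "<webhook URL>"
    LoadCredential = "webhook.conf:/PLACEHOLDER/path/to/discord-webhook.conf";
  };
  script = ''
    ${pkgs.curl}/bin/curl --fail --silent --show-error --request POST \
      --config "$CREDENTIALS_DIRECTORY/webhook.conf" \
      --header 'Content-Type: application/json' \
      --data '{"username": "Auxin SSH status","avatar_url": "https://pbs.twimg.com/media/GMPtuovaQAAQ7Qr?format=png&name=large","content": "SSHD is Running!"}'
  '';
```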