diff --git a/applications/gitlab.nix b/applications/gitlab.nix
index 0e6ea4a..9de8732 100644
--- a/applications/gitlab.nix
+++ b/applications/gitlab.nix
@@ -99,11 +99,7 @@
     ];
 
     networking.firewall.allowedTCPPorts = [
-      80
-      443
-
       # for git
-      22
       2222
     ];
 
diff --git a/applications/ldap.nix b/applications/ldap.nix
index 4b35d7f..a7bf3bc 100644
--- a/applications/ldap.nix
+++ b/applications/ldap.nix
@@ -83,10 +83,6 @@ Gonna use a priper nixos module for this
 
     # firewall on teh computer itself
     networking.firewall.allowedTCPPorts = [
-      80
-      443
-
-      # for ldap
       389
       636
     ];
diff --git a/applications/ulfm.nix b/applications/ulfm.nix
index 6ec523d..cfc7cbc 100644
--- a/applications/ulfm.nix
+++ b/applications/ulfm.nix
@@ -47,8 +47,6 @@
     age.secrets.ulfm.file = ../secrets/stream_ulfm.age;
 
     networking.firewall.allowedTCPPorts = [
-      80
-      443
       8000
     ];
 
diff --git a/machines/_base.nix b/machines/_base.nix
index 4a7be77..4c1c738 100644
--- a/machines/_base.nix
+++ b/machines/_base.nix
@@ -4,6 +4,12 @@
   imports = [
     (modulesPath + "/virtualisation/proxmox-lxc.nix")
 
+    # every sever may need the firewall config stuff
+    ../applications/firewall.nix
+
+    # every sever needs to have a dns record
+    ../applications/dns.nix
+
     # every server needs teh ldap client for admins
     ../applications/ldap_client.nix
   ];
diff --git a/machines/agentjones.nix b/machines/agentjones.nix
index 68617e1..066008a 100644
--- a/machines/agentjones.nix
+++ b/machines/agentjones.nix
@@ -19,9 +19,6 @@ let
 
 in {
   imports = [
-    # applications for this particular server
-    ../applications/firewall.nix
-    ../applications/dns.nix
     ./hardware/RM001.nix
   ];
 
diff --git a/machines/galatea.nix b/machines/galatea.nix
index b488d61..a87c570 100644
--- a/machines/galatea.nix
+++ b/machines/galatea.nix
@@ -19,10 +19,6 @@ let
   hostname  = "${name}.skynet.ie";
 in {
   imports = [
-    # general stuff for config
-    ../applications/dns.nix
-
-    # specific to tis server
     ../applications/ulfm.nix
   ];
 
diff --git a/machines/glados.nix b/machines/glados.nix
index bd47db8..c1fce22 100644
--- a/machines/glados.nix
+++ b/machines/glados.nix
@@ -21,9 +21,6 @@ let
 
 in {
   imports = [
-    ../applications/dns.nix
-
-    # applications for this particular server
     ../applications/gitlab.nix
   ];
 
diff --git a/machines/kitt.nix b/machines/kitt.nix
index 399e71b..05f352b 100644
--- a/machines/kitt.nix
+++ b/machines/kitt.nix
@@ -21,11 +21,6 @@ let
 
 in {
   imports = [
-     # required imports
-     ../applications/firewall.nix
-     ../applications/dns.nix
-
-    # whats running on teh server
     ../applications/ldap.nix
   ];
 
diff --git a/machines/optimus.nix b/machines/optimus.nix
index 124f8a2..bf0a372 100644
--- a/machines/optimus.nix
+++ b/machines/optimus.nix
@@ -20,8 +20,6 @@ let
 
 in {
   imports = [
-    # applications for this particular server
-    ../applications/dns.nix
     ../applications/games.nix
   ];
 
diff --git a/machines/vendetta.nix b/machines/vendetta.nix
index 3b3d459..7de619a 100644
--- a/machines/vendetta.nix
+++ b/machines/vendetta.nix
@@ -24,10 +24,6 @@ in {
   imports = [
     # the physical hardware for this
     ./hardware/RM002.nix
-
-    # applications for this particular server
-    ../applications/firewall.nix
-    ../applications/dns.nix
   ];
 
   deployment = {
diff --git a/machines/vigil.nix b/machines/vigil.nix
index 295c733..f2ab9cf 100644
--- a/machines/vigil.nix
+++ b/machines/vigil.nix
@@ -21,7 +21,7 @@ let
   ns = "ns2";
 in {
   imports = [
-    ../applications/dns.nix
+
   ];
 
   deployment = {