diff --git a/nixos/module/hectic/hardware/hetzner-cloud.nix b/nixos/module/hectic/hardware/hetzner-cloud.nix index 318d485..b750fb4 100644 --- a/nixos/module/hectic/hardware/hetzner-cloud.nix +++ b/nixos/module/hectic/hardware/hetzner-cloud.nix @@ -45,10 +45,10 @@ in { example = "/dev/disk/by-uuid/f184a16b-6eca-41cb-b48a-ff37cdce1d79"; description = '' boot device uuid - if it is null then will use "/dev/sda" - /dev/sda - default hetzner cloud device - !! But can changes on reboot if server have volumes - !! So use IDs + if it is null then will use "/dev/sda" + /dev/sda - default hetzner cloud device + !! But can changes on reboot if server have volumes + !! So use IDs ''; }; networkMatchConfigName = lib.mkOption { @@ -56,10 +56,10 @@ in { example = "enp1s0"; description = '' type of network conection, - on older hetzner servers may be `ens3` + on older hetzner servers may be `ens3` on newer probably `enp1s0` - you can use `networkctl list` on server to know it + you can use `networkctl list` on server to know it ''; }; }; diff --git a/nixos/system/xray/xray.nix b/nixos/system/xray/xray.nix index 1b4f8f1..0c9ef91 100644 --- a/nixos/system/xray/xray.nix +++ b/nixos/system/xray/xray.nix 
@@ -8,40 +8,61 @@ modulesPath, config, ... -}: -{ +}: let + xrayPort = 10086; +in { imports = [ self.nixosModules.hectic ]; services.xray = { enable = true; - setting = '' - { - "inbounds": [ - { - "port": 10086, - "protocol": "vmess", - "settings": { - "clients": [ - { - "id": "b831381d-6324-4d53-ad4f-8cda48b30811" - } - ] - } - } - ], - "outbounds": [ - { - "protocol": "freedom" - } - ] - } - ''; + settings = { + "inbounds" = [ + { + "port" = xrayPort; + "protocol" = "vmess"; + "settings" = { + "clients" = [ + { + "id" = "04ad600a-0e94-4ba6-af93-74e03fd3f58d"; + } + ]; + }; + } + ]; + "log" = { + "loglevel" = "warning"; + }; + "outbounds" = [ + { + "protocol" = "freedom"; + } + ]; + }; }; + + users.users.root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPChQvpyOrPjRjp8pS5Yw+oJVmywDzefzZCXh1d44EY'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP3HjFoJNGHqHoEw9XLzh766QWknfaN07GGi8lsC2Tv'' + ]; + hectic = { archetype.base.enable = true; - hardware.lenovo-legion.enable = true; + archetype.dev.enable = true; + hardware.hetzner-cloud = { + enable = true; + networkMatchConfigName = "enp1s0"; + ipv4 = "77.42.45.173"; + ipv6 = "2a01:4f9:c013:7230"; + }; + }; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ + xrayPort + ]; }; }
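Review bot: The VMess client `id` under `services.xray.settings` is the only credential protecting the inbound on `xrayPort`, and as a literal in this file it is exposed in the repository and, most likely, in the world-readable Nix store once the module renders `settings` to JSON. The commit replaces the old UUID with a new one, but the new value is exposed in exactly the same way. Consider replacing the `settings` attrset with `settingsFile = "/run/secrets/xray.json";` (placeholder path, provisioned by whatever secret manager the host uses) and rotating the UUID committed here. Separately, `allowedTCPPorts = [ xrayPort ];` opens the plain VMess listener to every source address, so a short comment explaining why no transport wrapping or source restriction is needed would help the next reader. The module's argument list begins above this hunk, so anything declared there is not covered by this note.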