diff --git a/.gitattributesdb b/.gitattributesdb
index 0e46bf9..7e810da 100644
--- a/.gitattributesdb
+++ b/.gitattributesdb
@@ -5,47 +5,37 @@ LmdpdGhvb2tzL2dpdGF0dHJpYnV0ZXNkYg== 1757608819 1757608819 root:root 0755 - -
 LmdpdGhvb2tzL3Bvc3QtY2hlY2tvdXQ= 1757519106 1757519106 root:root 0755 - -
 LmdpdGhvb2tzL3Bvc3QtbWVyZ2U= 1757519106 1757519106 root:root 0755 - -
 LmdpdGhvb2tzL3ByZS1jb21taXQ= 1757519106 1757519106 root:root 0755 - -
-LmdpdGlnbm9yZQ== 1757789404 1757593248 root:root 0644 - -
+LmdpdGlnbm9yZQ== 1757761402 1757593248 root:root 0644 - -
 LmdpdG1vZHVsZXM= 1757607701 1757607701 root:root 0644 - -
 ZXRjLy5naXRpZ25vcmU= 1757611781 1757611781 root:root 0644 - -
-ZXRjL2FwYWNoZTIvLmdpdGlnbm9yZQ== 1757775950 1757775932 root:root 0644 - -
-ZXRjL2FwYWNoZTIvaHR0cGQuY29uZg== 1757785734 1757785514 root:root 0644 - -
-ZXRjL2FwYWNoZTIvc2l0ZXMuZC9jb3JlLnNsYWNrd2FyZS51ay5uZXQuY29uZg== 1757786703 1757785113 root:root 0644 - -
 ZXRjL2NvbmYuZC8uZ2l0aWdub3Jl 1757609410 1757609410 root:root 0644 - -
 ZXRjL2NvbmYuZC9ib290bWlzYw== 1757591865 1757591865 root:root 0644 - -
 ZXRjL2NvbmYuZC9ub2RlLWV4cG9ydGVy 1757592526 1757592526 root:root 0644 - -
 ZXRjL2NvbmYuZC9zYW1iYQ== 1757592912 1757592912 root:root 0644 - -
 ZXRjL2NvbmYuZC9zc2hk 1757593051 1757593051 root:root 0644 - -
-ZXRjL2NvbmYuZC90ZXJyYWZvcm0taHR0cC1iYWNrZW5k 1757771663 1757595391 root:root 0644 - -
+ZXRjL2NvbmYuZC90ZXJyYWZvcm0taHR0cC1iYWNrZW5k 1757595391 1757595391 root:root 0644 - -
 ZXRjL2Nyb250YWJzL3Jvb3Q= 1757593504 1757593504 root:root 0600 - -
 ZXRjL2dyb3Vw 1757761113 1757594224 root:root 0644 - -
 ZXRjL2hvc3RuYW1l 1757594311 1757594311 root:root 0644 - -
 ZXRjL2hvc3Rz 1757594362 1757594362 root:root 0644 - -
-ZXRjL2lwdGFibGVzL3J1bGVzLXNhdmU= 1757789154 1757789154 root:root 0600 - -
-ZXRjL2lwdGFibGVzL3J1bGVzNi1zYXZl 1757789154 1757789154 root:root 0600 - -
 ZXRjL2xvY2FsLmQvLmdpdGlnbm9yZQ== 1757595481 1757595481 root:root 0644 - -
 ZXRjL2xvY2FsLmQvdGVycmFmb3JtLWh0dHAtYmFja2VuZC5zdGFydA== 1757595926 1757595926 root:root 0755 - -
 ZXRjL25ldHdvcmsvLmdpdGlnbm9yZQ== 1757596572 1757596572 root:root 0644 - -
 ZXRjL25ldHdvcmsvaW50ZXJmYWNlcw== 1757759982 1757596330 root:root 0644 - -
-ZXRjL3Bhc3N3ZA== 1757771794 1757594202 root:root 0644 - -
+ZXRjL3Bhc3N3ZA== 1757761151 1757594202 root:root 0644 - -
 ZXRjL3BlcmlvZGljL2RhaWx5L2Nyb25qb2ItZGVoeWRyYXRlZA== 1757708520 1757708520 root:root 0777 - -
 ZXRjL3BlcmlvZGljL2RhaWx5L2Nyb25qb2ItdXBkYXRlLXBhY2thZ2VzLWxpc3Q= 1757708520 1757708520 root:root 0777 - -
 ZXRjL3BlcmlvZGljL2RhaWx5L2Nyb25qb2Itd2Fybi1naXQtc3RhdHVz 1757708520 1757708520 root:root 0777 - -
 ZXRjL3BrZ2xpc3Q= 1757609913 1757609913 root:root 0644 - -
 ZXRjL3Jlc29sdi5jb25m 1757611605 1757611605 root:root 0644 - -
-ZXRjL3J1bmxldmVscy9ib290Ly5naXRpZ25vcmU= 1757769666 1757598667 root:root 0644 - -
+ZXRjL3J1bmxldmVscy9ib290Ly5naXRpZ25vcmU= 1757598667 1757598667 root:root 0644 - -
 ZXRjL3J1bmxldmVscy9ib290L3JzeXNsb2c= 1757708520 1757708520 root:root 0777 - -
 ZXRjL3J1bmxldmVscy9kZWZhdWx0Ly5naXRpZ25vcmU= 1757598703 1757598703 root:root 0644 - -
 ZXRjL3J1bmxldmVscy9kZWZhdWx0L2FwYWNoZTI= 1757708520 1757708520 root:root 0777 - -
-ZXRjL3J1bmxldmVscy9kZWZhdWx0L2lwNnRhYmxlcw== 1757770233 1757770233 root:root 0777 - -
-ZXRjL3J1bmxldmVscy9kZWZhdWx0L2lwdGFibGVz 1757770222 1757770222 root:root 0777 - -
 ZXRjL3J1bmxldmVscy9kZWZhdWx0L25vZGUtZXhwb3J0ZXI= 1757708520 1757708520 root:root 0777 - -
 ZXRjL3J1bmxldmVscy9kZWZhdWx0L3BocC1mcG04Mw== 1757708520 1757708520 root:root 0777 - -
 ZXRjL3J1bmxldmVscy9kZWZhdWx0L3NhbWJh 1757708520 1757708520 root:root 0777 - -
 ZXRjL3J1bmxldmVscy9kZWZhdWx0L3NzaGQ= 1757708520 1757708520 root:root 0777 - -
-ZXRjL3J1bmxldmVscy9kZWZhdWx0L3RlcnJhZm9ybS1odHRwLWJhY2tlbmQ= 1757772274 1757772274 root:root 0777 - -
-ZXRjL3J1bmxldmVscy9zaHV0ZG93bi9pcDZ0YWJsZXM= 1757770292 1757770292 root:root 0777 - -
-ZXRjL3J1bmxldmVscy9zaHV0ZG93bi9pcHRhYmxlcw== 1757770284 1757770284 root:root 0777 - -
 ZXRjL3J1bmxldmVscy9zaHV0ZG93bi9zYW1iYQ== 1757708520 1757708520 root:root 0777 - -
 ZXRjL3NoYWRvdy5ncGc= 1757599010 1757599010 root:root 0644 - -
 ZXRjL3NzaC8uZ2l0aWdub3Jl 1757606957 1757606957 root:root 0644 - -
@@ -56,7 +46,7 @@ ZXRjL3N1ZG9lcnMuZC9yb290LWFjY2Vzcw== 1757600157 1757600157 root:root 0640 - -
 aG9tZS8uZ2l0aWdub3Jl 1757762052 1757762052 root:root 0644 - -
 aG9tZS9zeXNhZG1pbi8uYmFzaF9sb2dvdXQ= 1757582867 1757582867 sysadmin:users 0644 - -
 aG9tZS9zeXNhZG1pbi8uYmFzaF9wcm9maWxl 1757584711 1757584711 sysadmin:users 0644 - -
-aG9tZS9zeXNhZG1pbi8uYmFzaHJj 1757764048 1757586493 sysadmin:users 0644 - -
+aG9tZS9zeXNhZG1pbi8uYmFzaHJj 1757761708 1757586493 sysadmin:users 0644 - -
 aG9tZS9zeXNhZG1pbi8uZ2l0Y29uZmln 1757582738 1757582738 sysadmin:users 0644 - -
 aG9tZS9zeXNhZG1pbi8uZ2l0aWdub3Jl 1757600312 1757600312 sysadmin:users 0644 - -
 aG9tZS9zeXNhZG1pbi8ubG9jYWwvc2hhcmUvbmFuby8uZ2l0aWdub3Jl 1757586210 1757586210 sysadmin:users 0644 - -
@@ -77,7 +67,6 @@ cm9vdC8ubG9jYWwvc2hhcmUvbmFuby8uZ2l0aWdub3Jl 1757586210 1757586210 root:root 064
 cm9vdC8ubmFub3Jj 1757585756 1757585756 root:root 0644 - -
 cm9vdC8uc3NoLy5naXRpZ25vcmU= 1757593349 1757593349 root:root 0644 - -
 cm9vdC8uc3NoL2F1dGhvcml6ZWRfa2V5cw== 1757587611 1757587611 root:root 0644 - -
-c3J2L2RlaHlkcmF0ZWQvLmdpdGtlZXBkaXI= 1757776960 1757776960 root:root 0644 - -
 ZXRjL2RvYXMuY29uZg== 1728635393 1728635393 root:root 0640 - -
 ZXRjL2RvYXMuZA== 1757595612 1757595612 root:root 0750 - -
 ZXRjL3NoYWRvdw== 1757761290 1757702629 root:shadow 0640 - -
@@ -85,4 +74,4 @@ ZXRjL3NoYWRvdy0= 1757702585 1757702585 root:shadow 0640 - -
 ZXRjL3N1ZG9lcnM= 1753553353 1753553353 root:root 0440 - -
 ZXRjL3N1ZG9lcnMuZC9kZWZhdWx0cw== 1757599359 1757599359 root:root 0640 - -
 ZXRjL3N1ZG9lcnMuZC9yb290LWFjY2Vzcw== 1757600157 1757600157 root:root 0640 - -
-aG9tZS9zeXNhZG1pbg== 1757788654 1757761412 sysadmin:users 0711 - -
+aG9tZS9zeXNhZG1pbg== 1757761743 1757761412 sysadmin:users 0711 - -
diff --git a/.gitignore b/.gitignore
index e4b9028..4d867b3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,7 +4,6 @@
 .*.swp
 
 /bin/
-/data/
 /dev/
 /lib/
 /media/
@@ -12,6 +11,7 @@
 /proc/
 /run/
 /sbin/
+/srv/
 /sys/
 /tmp/
 /usr/
diff --git a/etc/apache2/.gitignore b/etc/apache2/.gitignore
deleted file mode 100644
index 8c71b61..0000000
--- a/etc/apache2/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-/conf.d/
-/magic
-/mime.types
diff --git a/etc/apache2/httpd.conf b/etc/apache2/httpd.conf
deleted file mode 100644
index 0635e0c..0000000
--- a/etc/apache2/httpd.conf
+++ /dev/null
@@ -1,229 +0,0 @@
-# These modules are required for the basic configuration directives used in this file.
-# They *must* be loaded to use this configuration with httpd.
-LoadModule	alias_module		/usr/lib/apache2/mod_alias.so
-LoadModule	allowmethods_module	/usr/lib/apache2/mod_allowmethods.so
-LoadModule	authz_host_module	/usr/lib/apache2/mod_authz_host.so
-LoadModule	dir_module		/usr/lib/apache2/mod_dir.so
-LoadModule	log_config_module	/usr/lib/apache2/mod_log_config.so
-LoadModule	mime_module		/usr/lib/apache2/mod_mime.so
-LoadModule	mime_magic_module	/usr/lib/apache2/mod_mime_magic.so
-LoadModule	mpm_event_module	/usr/lib/apache2/mod_mpm_event.so
-LoadModule	setenvif_module		/usr/lib/apache2/mod_setenvif.so
-LoadModule	unixd_module		/usr/lib/apache2/mod_unixd.so
-
-# HTTP2.
-LoadModule	http2_module		/usr/lib/apache2/mod_http2.so
-
-# SSL.
-#LoadModule	ssl_module		/usr/lib/apache2/mod_ssl.so
-#LoadModule	socache_shmcb_module	/usr/lib/apache2/mod_socache_shmcb.so
-
-# SSI.
-LoadModule	include_module		/usr/lib/apache2/mod_include.so
-
-# CGI.
-LoadModule	cgid_module		/usr/lib/apache2/mod_cgid.so
-
-# FastCGI access to php-fpm.
-LoadModule	proxy_module		/usr/lib/apache2/mod_proxy.so
-LoadModule	proxy_fcgi_module	/usr/lib/apache2/mod_proxy_fcgi.so
-
-# Re-writing.
-LoadModule	rewrite_module		/usr/lib/apache2/mod_rewrite.so
-
-# Authenticated access to locations.
-LoadModule	auth_basic_module	/usr/lib/apache2/mod_auth_basic.so
-LoadModule	authn_core_module	/usr/lib/apache2/mod_authn_core.so
-LoadModule	authn_file_module	/usr/lib/apache2/mod_authn_file.so
-LoadModule	authz_core_module	/usr/lib/apache2/mod_authz_core.so
-LoadModule	authz_user_module	/usr/lib/apache2/mod_authz_user.so
-
-# Proxying.
-#<IfModule !proxy_module>
-#  LoadModule	proxy_module		/usr/lib/apache2/mod_proxy.so
-#</IfModule>
-#LoadModule	proxy_http_module	/usr/lib/apache2/mod_proxy_http.so
-
-# Server status.
-#LoadModule	status_module		/usr/lib/apache2/mod_status.so
-
-
-# IP addresses and ports to listen on.
-Listen				5.101.171.215:80
-Listen				[2a01:a500:2981:1::d7]:80
-<IfModule ssl_module>
-  Listen			5.101.171.215:25443
-  Listen			[2a01:a500:2981:1::d7]:25443
-</IfModule>
-
-
-# Main server configuration.
-# Note: A DocumentRoot (and a Directory block granting access) is required in order for RedirectMatch to work in VirtualHosts.
-DocumentRoot			/var/empty
-ServerAdmin			"sysadmin(at)slackware.uk"
-ServerName			core.slackware.uk.net
-ServerSignature			Email
-ServerTokens			Major
-User				apache
-Group				apache
-DefaultRuntimeDir		/run/apache2
-Mutex				pthread
-ScriptSock			cgid.sock
-
-
-# Logging.
-LogFormat	"%h %l %u %t \"%r\" %>s %b"						Common
-LogFormat	"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""		Combined
-LogFormat	"%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""	VHostCombined
-CustomLog	"|/usr/bin/logger -p local1.info -t httpd"				VHostCombined		env=!no_log
-#LogLevel	warn allowmethods:crit authz_core:crit include:crit ssl:crit
-LogLevel	warn allowmethods:crit authz_core:crit include:crit
-ErrorLog	syslog:local0
-
-
-# Resource limits for event MPM.
-ThreadLimit			50
-ThreadsPerChild			10
-MaxRequestWorkers		20
-MinSpareThreads			2
-MaxSpareThreads			10
-MaxConnectionsPerChild		10000
-
-
-# Timeouts.
-TimeOut				30
-GracefulShutDownTimeout		1
-
-
-# Browser handling.
-BrowserMatch			"MSIE [2-5]"	nokeepalive downgrade-1.0 force-response-1.0
-
-
-# HTTP2.
-<IfModule http2_module>
-  Protocols			h2 h2c http/1.1
-</IfModule>
-
-
-# SSL configuration.
-<IfModule ssl_module>
-  SSLCipherSuite		HIGH:!SSLv3:!TLS1:!aNULL:!MD5
-  SSLHonorCipherOrder		On
-  SSLOptions			+FakeBasicAuth
-  SSLProtocol			all -SSLv3 -TLSv1 -TLSv1.1
-  SSLRandomSeed			startup		file:/dev/urandom	512
-  SSLRandomSeed			connect		builtin
-  SSLSessionCache		"shmcb:/run/apache2/ssl_session_cache(512000)"
-  SSLSessionTickets		Off
-  BrowserMatch			"MSIE [2-5]"	ssl-unclean-shutdown
-</IfModule>
-
-
-# Filters and Handlers.
-<IfModule include_module>
-  AddOutputFilter	INCLUDES	.shtml .html
-</IfModule>
-#This isn't needed except where CGI scripts are placed outside of ScriptAlias dirs.  ExecCGI is required in Options for the dir.
-#<IfModule cgid_module>
-#  AddHandler	cgi-script		.cgi .pl .py .sh
-#</IfModule>
-#For type maps (negotiated resources).
-#<IfModule negotiation_module>
-#  AddHandler	type-map		.var
-#</IfModule>
-
-
-# Mime type mappings.
-TypesConfig	/etc/apache2/mime.types
-AddType		application/x-bzip2			.bz2 .tbz
-AddType		application/x-compress			.z .tz
-AddType		application/x-gzip			.gz .tgz
-AddType		text/html				.shtml
-AddType		text/plain				.bld .csh .diff .ksh .md5 .meta .patch .pl .pm .py .rb .sh .sha1 .slackbuild .tcl .tm .url
-AddType		application/octet-stream		.deb .dpkg .flac .flp .img .lz .lzma .mkv .rpm .run .srpm .tlz .txz .vob .xz
-AddType		application/x-x509-user-cert		.crt
-AddType		application/pkcs8			.key
-AddType		application/pkcs10			.csr
-AddType		application/pkix-crl			.crl
-AddType		application/x-pem-file			.pem
-AddType		application/x-atari-8bit-executable	.xex
-MimeMagicFile	/etc/apache2/magic
-
-
-# Lets Encrypt validation.
-<IfModule ssl_module>
-  Alias		/.well-known/acme-challenge/		/srv/dehydrated/
-</IfModule>
-
-
-# Access control.
-<FilesMatch ^\.ht.*>
-  Require		all denied
-</FilesMatch>
-
-<Directory />
-  Options		SymLinksIfOwnerMatch
-  AllowOverride		None
-  Require		all denied
-</Directory>
-
-<Directory /var/empty>
-  Options		None
-  AllowOverride		None
-  Require		all granted
-</Directory>
-
-<Directory /srv/dehydrated>
-  Options		None
-  AllowOverride		None
-  Require		all granted
-</Directory>
-
-<Directory /srv/www/*/html>
-  Options		Includes MultiViews SymLinksIfOwnerMatch
-  AllowOverride		AuthConfig FileInfo Indexes Limit
-
-  Require		all granted
-
-  AllowMethods		GET POST OPTIONS
-
-  DirectoryIndex	index.html
-  <IfModule include_module>
-    DirectoryIndex	index.shtml
-  </IfModule>
-
-  <IfModule ssl_module>
-    <FilesMatch "\.(shtml|php)$">
-      SSLOptions	+StdEnvVars
-    </FilesMatch>
-  </IfModule>
-
-  <IfModule proxy_fcgi_module>
-    DirectoryIndex	index.php index.phtml
-
-    <If "-f %{REQUEST_FILENAME} && %{REQUEST_URI} =~ /.+\.ph(ar|p|tml)$/">
-      SetHandler	proxy:unix:/run/php-fpm83/php-fpm.sock|fcgi://localhost/
-    </If>
-  </IfModule>
-</Directory>
-
-<IfModule cgid_module>
-  <Directory /srv/www/*/cgi-bin>
-    Options		ExecCGI Includes MultiViews SymLinksIfOwnerMatch
-    AllowOverride	AuthConfig FileInfo Limit
-
-    Require		all granted
-
-    AllowMethods	GET POST OPTIONS
-
-    DirectoryIndex	disabled
-
-    <IfModule ssl_module>
-      SSLOptions	+StdEnvVars
-    </IfModule>
-  </Directory>
-</IfModule>
-
-
-# Include extra configurations.
-IncludeOptional		/etc/apache2/sites.d/*.conf
diff --git a/etc/apache2/sites.d/core.slackware.uk.net.conf b/etc/apache2/sites.d/core.slackware.uk.net.conf
deleted file mode 100644
index e1861da..0000000
--- a/etc/apache2/sites.d/core.slackware.uk.net.conf
+++ /dev/null
@@ -1,26 +0,0 @@
-<VirtualHost 5.101.171.215:80 [2a01:a500:2981:1::d7]:80>
-  ServerName		core.slackware.uk.net
-
-  SetEnvIf		REQUEST_URI	^/robots\.txt$		no_log
-  SetEnvIf		REQUEST_URI	^/favicon\.ico$		no_log
-  SetEnvIf		REQUEST_URI	^/\.well-known/.*$	no_log
-
-  RedirectMatch		403		^/(?!(\.well-known|httpd-errordocs)/)(.*)
-</VirtualHost>
-
-<IfModule ssl_module>
-  <VirtualHost 5.101.171.215:443 [2a01:a500:2981:1::d7]:443>
-    ServerName			core.slackware.uk.net
-
-    SSLCertificateFile		/etc/certificates/core.slackware.uk.net-cert.pem
-    SSLCertificateKeyFile	/etc/certificates/core.slackware.uk.net-key.pem
-    SSLCertificateChainFile	/etc/certificates/core.slackware.uk.net-chain.pem
-
-    SetEnvIf			REQUEST_URI	^/robots\.txt$		no_log
-    SetEnvIf			REQUEST_URI	^/favicon\.ico$		no_log
-
-    ScriptAlias			/cgi-bin/	/data/sites/core.slackware.uk.net/cgi-bin/
-
-    DocumentRoot		/data/sites/core.slackware.uk.net/html
-  </VirtualHost>
-</IfModule>
diff --git a/etc/conf.d/terraform-http-backend b/etc/conf.d/terraform-http-backend
index baaa68b..958b368 100644
--- a/etc/conf.d/terraform-http-backend
+++ b/etc/conf.d/terraform-http-backend
@@ -1,7 +1,6 @@
-export TF_USER="thb"
-export TF_IP="5.101.171.215"
-export TF_PORT="25480"
-export TF_STORAGE_DIR="/var/lib/terraform-http-backend"
-export TF_AUTH_ENABLED="true"
-export TF_USERNAME="sysadmin"
-export TF_PASSWORD="sunsa"
+export TF_STORAGE_DIR=/var/lib/terraform-http-backend
+export TF_AUTH_ENABLED=true
+export TF_USERNAME=sysadmin
+export TF_PASSWORD=sunsa
+export TF_PORT=9200
+export TF_IP=127.0.0.1
diff --git a/etc/iptables/rules-save b/etc/iptables/rules-save
deleted file mode 100644
index 398618b..0000000
--- a/etc/iptables/rules-save
+++ /dev/null
@@ -1,24 +0,0 @@
-# Generated by iptables-save v1.8.11 (nf_tables) on Sat Sep 13 18:45:54 2025
-*filter
-:INPUT DROP [6:240]
-:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [27:2250]
-[0:0] -A INPUT -m conntrack --ctstate INVALID -j DROP
-[12:1176] -A INPUT -i lo -j ACCEPT
-[0:0] -A INPUT -s 10.254.0.0/24 -i eth1 -j ACCEPT
-[0:0] -A INPUT -s 5.101.171.208/28 -i eth0 -j ACCEPT
-[6:707] -A INPUT -s 185.176.90.169/32 -i eth0 -j ACCEPT
-[0:0] -A INPUT -s 172.236.16.105/32 -i eth0 -j ACCEPT
-[0:0] -A INPUT -s 82.33.87.103/32 -i eth0 -j ACCEPT
-[0:0] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-[0:0] -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-[0:0] -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-[0:0] -A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-[0:0] -A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-[0:0] -A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --dports 22,25422 -m conntrack --ctstate NEW -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --dport 25443 --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --dport 25480 --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j ACCEPT
-COMMIT
-# Completed on Sat Sep 13 18:45:54 2025
diff --git a/etc/iptables/rules6-save b/etc/iptables/rules6-save
deleted file mode 100644
index f9c40e8..0000000
--- a/etc/iptables/rules6-save
+++ /dev/null
@@ -1,25 +0,0 @@
-# Generated by ip6tables-save v1.8.11 (nf_tables) on Sat Sep 13 18:45:54 2025
-*filter
-:INPUT DROP [0:0]
-:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [0:0]
-[0:0] -A INPUT -m conntrack --ctstate INVALID -j DROP
-[0:0] -A INPUT -i lo -j ACCEPT
-[0:0] -A INPUT -s 2a01:a500:2981:1::/64 -i eth0 -j ACCEPT
-[0:0] -A INPUT -s 2a07:4580:b0d:57f::169/128 -i eth0 -j ACCEPT
-[0:0] -A INPUT -s 2600:3c13::2000:50ff:fef4:7f56/128 -i eth0 -j ACCEPT
-[0:0] -A INPUT -s 2001:470:1f1d:58::/64 -i eth0 -j ACCEPT
-[0:0] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 129 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 1 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 3 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 4 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j ACCEPT
-[0:0] -A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 136 -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --dports 22,25422 -m conntrack --ctstate NEW -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j ACCEPT
-[0:0] -A INPUT -p tcp -m tcp --dport 25443 --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j ACCEPT
-COMMIT
-# Completed on Sat Sep 13 18:45:54 2025
diff --git a/etc/passwd b/etc/passwd
index 80c1de9..63db282 100644
--- a/etc/passwd
+++ b/etc/passwd
@@ -18,5 +18,5 @@ nobody:x:65534:65534:nobody:/:/sbin/nologin
 klogd:x:100:101:klogd:/dev/null:/sbin/nologin
 apache:x:101:102:apache:/var/www:/sbin/nologin
 prometheus:x:102:103:prometheus:/var/lib/prometheus:/sbin/nologin
-thb:x:500:500:terraform http backend:/var/lib/terraform-http-backend:/bin/bash
+thb:x:500:500:terraform http backend:/var/lib/terraform-http-backend:/sbin/nologin
 sysadmin:x:1000:100:Systems' Administrator:/home/sysadmin:/bin/bash
diff --git a/etc/runlevels/boot/.gitignore b/etc/runlevels/boot/.gitignore
index 23e40be..a18df18 100644
--- a/etc/runlevels/boot/.gitignore
+++ b/etc/runlevels/boot/.gitignore
@@ -1,2 +1 @@
-/bootmisc
 /devfs
diff --git a/etc/runlevels/default/ip6tables b/etc/runlevels/default/ip6tables
deleted file mode 120000
index 43919ca..0000000
--- a/etc/runlevels/default/ip6tables
+++ /dev/null
@@ -1 +0,0 @@
-/etc/init.d/ip6tables
\ No newline at end of file
diff --git a/etc/runlevels/default/iptables b/etc/runlevels/default/iptables
deleted file mode 120000
index b4acbcb..0000000
--- a/etc/runlevels/default/iptables
+++ /dev/null
@@ -1 +0,0 @@
-/etc/init.d/iptables
\ No newline at end of file
diff --git a/etc/runlevels/default/terraform-http-backend b/etc/runlevels/default/terraform-http-backend
deleted file mode 120000
index c9b8bcc..0000000
--- a/etc/runlevels/default/terraform-http-backend
+++ /dev/null
@@ -1 +0,0 @@
-/etc/init.d/terraform-http-backend
\ No newline at end of file
diff --git a/etc/runlevels/shutdown/ip6tables b/etc/runlevels/shutdown/ip6tables
deleted file mode 120000
index 43919ca..0000000
--- a/etc/runlevels/shutdown/ip6tables
+++ /dev/null
@@ -1 +0,0 @@
-/etc/init.d/ip6tables
\ No newline at end of file
diff --git a/etc/runlevels/shutdown/iptables b/etc/runlevels/shutdown/iptables
deleted file mode 120000
index b4acbcb..0000000
--- a/etc/runlevels/shutdown/iptables
+++ /dev/null
@@ -1 +0,0 @@
-/etc/init.d/iptables
\ No newline at end of file
diff --git a/home/sysadmin/.bashrc b/home/sysadmin/.bashrc
index 954d50e..a0f5eba 100644
--- a/home/sysadmin/.bashrc
+++ b/home/sysadmin/.bashrc
@@ -1,7 +1,7 @@
 #!/bin/bash - not strictly necessary, but helps nano with syntax highlighting.
 # Bash specific configuration.
 
-__prompt_user_colour() {
+prompt_user_colour() {
   # Determine the colour of the username in the prompt.
 
   if [[ "$(whoami)" == "root" ]]; then
diff --git a/srv/dehydrated/.gitkeepdir b/srv/dehydrated/.gitkeepdir
deleted file mode 100644
index e69de29..0000000