diff --git a/hosts/miniserver/configuration.nix b/hosts/miniserver/configuration.nix
index 755f990..296b585 100644
--- a/hosts/miniserver/configuration.nix
+++ b/hosts/miniserver/configuration.nix
@@ -28,50 +28,43 @@
     servers = {
       jellyfin = {
         enable = true;
-        enableCron = true;
+        enableCron = false;
       };
       nextcloud = {
         enable = true;
         enableCron = true;
       };
-      adguardhome.enable = true;
-      audiobookshelf.enable = true;
-      bazarr.enable = true;
-      collabora.enable = true;
+      adguardhome.enable = false;
+      audiobookshelf.enable = false;
+      bazarr.enable = false;
+      collabora.enable = false;
       flame.enable = true;
       flameSecret.enable = true;
-      go-vod.enable = true;
-      kavita.enable = true;
-      lidarr.enable = true;
+      go-vod.enable = false;
+      kavita.enable = false;
+      lidarr.enable = false;
       maloja.enable = true;
       mealie.enable = true;
-      metube.enable = true;
+      metube.enable = false;
       microbin.enable = true;
       multi-scrobbler.enable = true;
       paperless.enable = true;
       postgres.enable = true;
-      prowlarr.enable = true;
-      qbittorrent.enable = true;
-      radarr.enable = true;
-      ryot.enable = true;
+      prowlarr.enable = false;
+      qbittorrent.enable = false;
+      radarr.enable = false;
+      ryot.enable = false;
       shiori.enable = true;
-      sonarr.enable = true;
+      sonarr.enable = false;
       vaultwarden.enable = true;
     };
   };
   fonts.fontconfig.enable = true;
   networking = {
     hostName = "miniserver";
-    firewall = let
-      open_firewall_ports = [
-        51413 # torrent sedding
-        9091 # qbittorrent
-        2049 # nfs
-      ];
-    in {
-      allowPing = true;
-      allowedTCPPorts = open_firewall_ports;
-      allowedUDPPorts = open_firewall_ports;
+    firewall = {
+      allowedTCPPorts = [ 2049 ];
+      allowedUDPPorts = [ 2049 ];
     };
   };
   nix = let
diff --git a/modules/servers/qbittorrent.nix b/modules/servers/qbittorrent.nix
index 0ec4b25..afe7211 100644
--- a/modules/servers/qbittorrent.nix
+++ b/modules/servers/qbittorrent.nix
@@ -1,4 +1,8 @@
-{ lib, config, pkgs, proxyReverse, ... }: {
+{ lib, config, pkgs, proxyReverse, ... }:
+let
+  port = 9091;
+  ports = [ port 51413 ];
+in {
   options.my.servers.qbittorrent.enable = lib.mkEnableOption "enable";
   config = lib.mkIf config.my.servers.qbittorrent.enable {
     systemd = {
@@ -49,7 +53,11 @@
     services.nginx = {
       enable = true;
       virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
-        proxyReverse 9091 // { };
+        proxyReverse port // { };
+    };
+    networking.firewall = {
+      allowedTCPPorts = ports;
+      allowedUDPPorts = ports;
     };
   };
 }