diff --git a/albert/post.cfg b/albert/post.cfg
index 3b67d3c..37453f9 100644
--- a/albert/post.cfg
+++ b/albert/post.cfg
@@ -2,44 +2,6 @@
 
 echo "albert post.cfg now..."
 
-#echo "Pull down the puppet manifests"
-#cd /var/lib/puppet/manifests
-
-# -- postfix
-#git clone deploy:/tombstones/puppet-postfix.git
-
-## -- fixed these lines to use the alias:
-# -- php
-#git clone ssh://git@config.tombstones.org.uk:22022/tombstones/puppet-php.git
-#git clone deploy:/tombstones/puppet-php.git
-
-# -- apache
-#git clone deploy:/tombstones/puppet-httpd.git
-
-# -- mariadb
-#git clone deploy:/tombstones/puppet-mariadb.git
-
-## -- just fix the firewall stuff ===== this won't be needed for nftables, once we switch off firewalld
-
-
-## ... this is simply to lock down port 22
-## .... - apparently firewalld can't run in a chroot, so no chance of starting it.
-## -- seems firewalld needs to be running first!
-#systemctl start firewalld  
-## -- create a new zone for limited SSH connections
-#firewall-cmd --permanent --new-zone=ssh-limited
-#firewall-cmd --permanent --zone=ssh-limited --add-source=81.187.254.92
-#firewall-cmd --permanent --zone=ssh-limited --add-source=37.187.102.65
-
-# add the SSH service to this zone
-#firewall-cmd --permanent --zone=ssh-limited --add-service=ssh
-
-# remove SSH from the default zone (public)
-#firewall-cmd --permanent --remove-service=ssh
-
-# apply changes by reloading the firewall
-#firewall-cmd --reload
-
 echo "Adding a few keys"
 # -- add in a couple of keys here, just for backups
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3Z5QcAbTioCTWahnGnLmv0Q5NLbBW6UjvPUAQIjGjt2ZtMndiqM5lMGHgu52i3by35vEXfqGweCzAeypgvLKMklWaJVKa0ZlYDZ+BmtovwYDrCLPHEMR3AgxkZKa7dqOrcQNsQ7iFMJ1OJc61eLlBOVEtDDFLzoaUtE1K9tYB86SXRmizNN8zigvb4yCVMG01rNvFvBhCKRItdvmVYtsWff8HYjaTyxwUTJVkrPHyv5H0J1f5S67fI2QjqttrOWVWs331DZ8lREbMxpys9Yx/Ig9zYve76NxDYhp7VeEP+yv8KIKl1YwhMWzrIBMg6I4bnnxQFmQLDLT8uzMHfL9cw== dave@quark.tombstones.org.uk" >> /root/.ssh/authorized_keys