diff --git a/firstboot/shell-pf.sh b/firstboot/shell-pf.sh
index b55bf095..ec013ff1 100644
--- a/firstboot/shell-pf.sh
+++ b/firstboot/shell-pf.sh
@@ -23,7 +23,7 @@ PF_RELOAD_RCD="${PF_RELOAD_RCD:-/usr/local/etc/rc.d/pf_reload}"
 clawdie_shell_pf() {
   local LOG_FILE="${LOG_FILE:-/var/log/clawdie-firstboot.log}"
   local PROGRESS_FILE="${PROGRESS_FILE:-/var/log/clawdie-firstboot.progress}"
-  local RC_CONF="${RC_CONF:-/etc/rc.conf"
+  local RC_CONF="${RC_CONF:-/etc/rc.conf}"
   local AGENT_NET="${AGENT_NET:-192.168.100.0/24}"
 
   log_msg "[pf] Setting up firewall..."
@@ -55,7 +55,7 @@ clawdie_shell_pf() {
 
   # Write pf.conf
   # NAT supernet 192.168.0.0/16 covers all agent subnets — adding a second
-          # agent later requires no PF changes, just a new bridge + /24
+  # agent later requires no PF changes, just a new bridge + /24
   cat > "$PF_CONF" << EOF
 # Clawdie-AI firewall — generated by clawdie-firstboot $(date '+%d.%b.%Y' | tr 'A-Z' 'a-z')
 # See NETWORKING.md for architecture notes and Tailscale integration path
@@ -121,19 +121,6 @@ RCEOF
   echo "[PF] COMPLETE" >> "$PROGRESS_FILE"
 }
 
-load_rc_config "$name"
-run_rc_command "$1"
-RCEOF
-  chmod 755 "$PF_RELOAD_RCD"
-
-  # Enable PF and pf_reload
-  printf 'pf_enable="YES"\n'        >> "$RC_CONF"
-  printf 'pf_reload_enable="YES"\n' >> "$RC_CONF"
-
-  log_msg "[pf] Firewall configured: ext_if=${EXT_IF}, bridge=${BRIDGE}"
-  echo "[PF] COMPLETE" >> "$PROGRESS_FILE"
-}
-
 # ============================================================================
 # LOGGING HELPER
 # ============================================================================
diff --git a/firstboot/vps-path-test.sh b/firstboot/vps-path-test.sh
index 8ec30809..96c58648 100755
--- a/firstboot/vps-path-test.sh
+++ b/firstboot/vps-path-test.sh
@@ -49,7 +49,7 @@ echo ""
 # ── VPS pre-baked vars (minimum required) ──
 export TARGET="vps"
 export ASSISTANT_NAME="VpsClawdie"
-export AGENT_DOMAIN="clawdie.vps"
+export AGENT_DOMAIN="clawdie.home.arpa"
 export AGENT_GENDER="f"
 export TZ="Europe/Ljubljana"
 export SYSTEM_LOCALE="sl_SI.UTF-8"
@@ -153,8 +153,8 @@ clawdie_shell_env_generate 2>/dev/null
 
 # Check key vars are in .env (quotes included in format)
 for var_check in \
-  'ASSISTANT_NAME="CloudClawdie"' \
-  'AGENT_DOMAIN="clawdie.cloud"' \
+  'ASSISTANT_NAME="VpsClawdie"' \
+  'AGENT_DOMAIN="clawdie.home.arpa"' \
   'TZ="Europe/Ljubljana"' \
   'CODE_HOSTING_MODE="gitea"' \
   'FEATURE_GITEA="YES"' \
@@ -175,7 +175,7 @@ clawdie_shell_system_config >/dev/null 2>&1
 [ -f "$HOSTNAME_FILE" ]; check "$?" "Hostname file created"
 if [ -f "$HOSTNAME_FILE" ]; then
   _hn=$(cat "$HOSTNAME_FILE")
-  if echo "$_hn" | grep -q "clawdie.cloud"; then
+  if echo "$_hn" | grep -q "clawdie.home.arpa"; then
     check "0" "Hostname = $_hn"
   else
     check "1" "Hostname = $_hn (expected *clawdie.cloud*)"