diff --git a/modules/presets/secure-node.nix b/modules/presets/secure-node.nix
index 34d8ed5..506d058 100644
--- a/modules/presets/secure-node.nix
+++ b/modules/presets/secure-node.nix
@@ -30,7 +30,7 @@ in {
 jq
 ];
- # sshd
+ # Add a SSH onion service
 services.tor.relay.onionServices.sshd = nbLib.mkOnionService { port = 22; };
 nix-bitcoin.onionAddresses.access.${operatorName} = [ "sshd" ];
diff --git a/pkgs/lib.nix b/pkgs/lib.nix
index 07a105d..fb25950 100644
--- a/pkgs/lib.nix
+++ b/pkgs/lib.nix
@@ -41,7 +41,7 @@ let self = {
 RestrictAddressFamilies = self.defaultHardening.RestrictAddressFamilies + " AF_NETLINK";
 };
- # nodejs applications apparently rely on memory write execute
+ # nodejs applications require memory write execute for JIT compilation
 nodejs = { MemoryDenyWriteExecute = "false"; };
 # Allow takes precedence over Deny.
@@ -69,7 +69,7 @@ let self = {
 type = types.bool;
 default = false;
 description = ''
- Whether to enforce Tor on a service by only allowing connections
+ Whether to enforce Tor on this service by only allowing connections
 from and to localhost and link-local addresses.
 '';
 };
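Review bot: The reworded comment above `nodejs = { MemoryDenyWriteExecute = "false"; };` in pkgs/lib.nix (the hunk at `@@ -41,7 +41,7 @@`) says why the setting is relaxed but not what is given up. With MemoryDenyWriteExecute off, systemd no longer stops the unit from creating memory mappings that are both writable and executable, which is one of the barriers against injected code running inside the service. I would extend the comment to state that trade-off and its intended scope, for example `# nodejs needs writable+executable memory for JIT compilation; this drops the W^X restriction for the unit, so use it only for services that actually run node`. The enclosing `let self = {` set starts and ends outside the hunk, so which services consume this attribute is not visible here.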