diff --git a/hosts/_common/ragenix.nix b/hosts/_common/ragenix.nix
index 0627758..527336e 100644
--- a/hosts/_common/ragenix.nix
+++ b/hosts/_common/ragenix.nix
@@ -31,6 +31,10 @@ in
 file = /${settings.secretsDir}/nix2bitbucket.age;
 owner = settings.user.username;
 };
+ nix2gitjosh = {
+ file = /${settings.secretsDir}/nix2gitjosh.age;
+ owner = settings.user.username;
+ };
 nix2h001 = {
 file = /${settings.secretsDir}/nix2h001.age;
 owner = settings.user.username;
diff --git a/hosts/joe/configuration.nix b/hosts/joe/configuration.nix
index 37633e1..f143161 100644
--- a/hosts/joe/configuration.nix
+++ b/hosts/joe/configuration.nix
@@ -26,7 +26,7 @@
 # test
 networking.firewall.allowedTCPPorts = [
- 34733 # sshd
+ 5173 # test
 ];
 # machine specific configuration
diff --git a/secrets/nix2gitjosh.age b/secrets/nix2gitjosh.age
new file mode 100644
index 0000000..3af1a92
--- /dev/null
+++ b/secrets/nix2gitjosh.age
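Review bot: The new `nix2gitjosh` secret in hosts/_common/ragenix.nix sits in the shared module, and the matching `"nix2gitjosh.age" = { inherit publicKeys; };` entry in the second secrets/secrets.nix hunk encrypts it to the whole key list, so every device holding one of those keys can decrypt this git SSH key. The TODO visible in secrets.nix already names that exposure. Consider giving this entry its own recipient list, `publicKeys = [ <keys of the hosts that push to git> ];` (placeholder), and declaring the secret only on those hosts; whether every host imports `_common` is inferred from the path, not shown here. The enclosing attribute sets start and end outside both hunks.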
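Review bot: In hosts/joe/configuration.nix the firewall now admits TCP 5173 on every interface under a `# test` comment, so whatever listens on that port is reachable from any network this machine joins once the config is deployed. If the port is needed from one network only, scope it with `networking.firewall.interfaces.<iface>.allowedTCPPorts = [ 5173 ];` (interface name is a placeholder), or drop the entry when the test is finished. The same change removes 34733 for sshd, which is fine only if that port is opened elsewhere (for example through the openssh module's `openFirewall`); the hunk does not show this.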
@@ -0,0 +1,30 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBqNTlD +T0xiZkUwRHNuRkVsUjR0UEo4SDljY2Q4V1E3dVRjK05KNS9KbVdFClRsZEh1RTE0 +eFNRZ2p4Y0hsUmw5SWJCTm8zUmwxeDVMTWZpRUNYYXpYK1EKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIForNlAxdjhmMTQ4SndkYjU4VXY2NkJRYlZhWlY1am5rakVPNzVY +STJsVjQKRlEyZTBKMjR0Zm9vK25wQVJZN29DM1BMTzNmczN4b3FTdlhkdTVzbFlU +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgbWthZElDWk8vQTdtQXI0WG9JOUllSUw0 +Z1drZXBsdE93UlljSGV3RlRRRQpyMC95ZlordEt3MHczcHExZFgvRmZyUWdYS1d6 +ckpSSGErWXlOdXh2K0JBCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBuKzlJeTBkdk9j +WVBaUzhtNU85TUVjMm5HaFk5Z05XdG5DT3V3U3l1L2k4Ckc2bTJRVzdQR05LZVhw +QzJTSHpMRDlYK0Y0dWlUaDNNR1ZKem5ZUnQ2ZkEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIElPWGFFUDJBeFFHTm1XV0cwTml4Ui9BdVpkVWZ5b2xXNnVEeUx6bVVlVDAK +ZGsxUGxBWjh6UnlBdmd6amx2RStSUmR2QkRmYWVGeDdwRzFCOE5mR3dQWQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgSnFOdEpXYyszUExmTmkzQ2k4ek5SUCttRW00QVhr +bm9NRzFTRXd6MG1URQplb0xOeHNBSk5xS0E5UU5yelprNWJuTGFNQTVqbGlOVFR5 +SHhoRmZLVUpzCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBzZU9raW5BbFVlYnpLYTVS +ZkMzdEdjcW8yT3JTWHEwQm1nZStRMFdqT0RRCllDMFJFaG1QS1k2WUxBd2thdEYv +U1VPU2xqS3ZXeFVkUDhEbHk2cUxhdXcKLT4galUuOSotZ3JlYXNlIG17fjUyKiBW +b2FvcHxOIGxBRHJhRTMKSXlrWgotLS0gVFIyRkgvM2xnT0dzOXp4czVydnBpMUpL +QkFsNEk2ajJKSFFOWk9jS0lMRQrtEhNnuBfnV9FOAc1MMG98x1PWPR1zpEetfW72 +7DlOXzxYKb6tNr8IWQuXXR/7fIKp+KKR7vTZyDF6VsuBXBnJQ7WVtNr+6SRodUHL +lBNsnqvzFnTOILj9m5WQ6ufuWcuHc89J6eM/82qc8p3Pk7EkEO/i29q6oiJ5cSI+ +jR8f9sdsqwio0EMXQSF7gypfBhOB0grdcws92VEj5GtDfAyRl632SWqxdw16o6dR +S+YhRAdH80mJTFlNzGLYqVXKAiqh0IG2FET1hLhwgm87ug0ZQfbNs2yvvErw9/1A +oWUvEO6RWfTONRpZ5zWTZY9jb3FnFQqtKSB1zt/eAetkDi2gq47oelDroa4jyM3h +ZOe9X8/YsyDalBATNQwYbTDALac3Ybb1nq+CrQf+rrPEgcL9JFLzy4cU+uSxs7gv +cMtKukM2luHqkX3JQw+X5mvj27UTcqGCeTYr3D4kXwZWaj0kjPkmMPrnkuIrBesp +7LlfoXvnpf8EkQjeBRhyk+PNk7GyNqWlGMRekzvSr4060f0CC+bOG//9y6/2Plan +2kKMvF+Ymwtfa05/GE5uL/E6Pg== +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index c1992e0..cb7b930 100644 
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -18,7 +18,10 @@ let
 ];
 in
 {
- ## To make a new secret: `ragenix --editor=vi -v -e FILE.age` add file below and in the ragenix.nix file
+ ## To make a new secret:
+ # - FIRST add file below that you want to create
+ # - cd to the secrets directory here
+ # - `ragenix --editor=vi -v -e FILE.age` add file below and in the ragenix.nix file
 #
 # TODO come up with a rotate method/encrypt the device keys better. This isn't very secure feeling to me the way I am doing this now. If anyone gains access to any one of my devices, then my secrets are no longer secret. This is not a good model.
@@ -29,6 +32,9 @@ in
 "nix2bitbucket.age" = {
 inherit publicKeys;
 };
+ "nix2gitjosh.age" = {
+ inherit publicKeys;
+ };
 # Server keys
 "nix2h001.age" = {
 inherit publicKeys;
diff --git a/users/_common/home_manager/ssh.nix b/users/_common/home_manager/ssh.nix
index ea9bd2e..f0e6953 100644
--- a/users/_common/home_manager/ssh.nix
+++ b/users/_common/home_manager/ssh.nix
@@ -11,6 +11,10 @@
 "bitbucket.org" = {
 identityFile = age.secrets.nix2bitbucket.path;
 };
+ "git.joshuabell.xyz" = {
+ identityFile = age.secrets.nix2gitjosh.path;
+ port = 3032;
+ };
 # PERSONAL DEVICES
 "joe" = {
 identityFile = age.secrets.nix2joe.path;
diff --git a/users/josh/nix_modules/lua.nix b/users/josh/nix_modules/lua.nix
new file mode 100644
index 0000000..6809860
--- /dev/null
+++ b/users/josh/nix_modules/lua.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }:
+{
+ environment.systemPackages = with pkgs; [ lua ];
+}
+
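Review bot: The new `"git.joshuabell.xyz"` block in users/_common/home_manager/ssh.nix sets `identityFile` but not `identitiesOnly`, so ssh can still offer every key loaded in the agent to that server before the intended one. Adding `identitiesOnly = true;` next to `port = 3032;` keeps authentication to the nix2gitjosh key and avoids showing the server the other public keys. The neighbouring `"bitbucket.org"` and `"joe"` blocks visible as context have the same gap. The enclosing attribute set starts and ends outside the hunk.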