diff --git a/base.nix b/base.nix
index ff7e28c..bb5e52e 100644
--- a/base.nix
+++ b/base.nix
@@ -6,6 +6,7 @@
     ./users/default.nix
     ./users/julien.nix
   ];
+
   luj.nix.enable = true;
   luj.secrets.enable = true;
   luj.ssh-server.enable = true;
@@ -21,7 +22,7 @@
   };
 
 
-  programs.mosh.enable = true;
+  luj.programs.mosh.enable = true;
   programs.gnupg.agent.enable = true;
 
   environment.systemPackages = with pkgs; [
@@ -34,5 +35,4 @@
   environment.variables.EDITOR = "nvim";
 
 
-
 }
diff --git a/machines/lisa/default.nix b/machines/lisa/default.nix
index d01c31c..0af0358 100644
--- a/machines/lisa/default.nix
+++ b/machines/lisa/default.nix
@@ -11,16 +11,18 @@
       ./home-julien.nix
     ];
 
-  luj.mediaserver.enable = true;
-  luj.homepage.enable = true;
-  luj.drone = {
-    enable = true;
-    nginx = {
+  luj = {
+    mediaserver.enable = true;
+    homepage.enable = true;
+    drone = {
       enable = true;
-      subdomain = "ci";
+      nginx = {
+        enable = true;
+        subdomain = "ci";
+      };
     };
   };
- 
+
   nix.maxJobs = lib.mkDefault 8;
 
   networking.hostName = "lisa"; # Define your hostname.
@@ -30,10 +32,7 @@
     address = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb";
     prefixLength = 120;
   }];
-  networking.firewall.allowedTCPPorts = [ 22 80 443 8096 8920 ];
-  networking.firewall.allowedUDPPorts = [ 22 80 443 1900 7359 ];
-  networking.firewall.allowedUDPPortRanges = [{ from = 60000; to = 61000; }];
-
+  networking.firewall.allowedTCPPorts = [ 80 443 8096 8920 ];
+  networking.firewall.allowedUDPPorts = [ 80 443 1900 7359 ];
   system.stateVersion = "20.09"; # Did you read the comment?
-
 }
diff --git a/machines/macintosh/default.nix b/machines/macintosh/default.nix
index 949476a..50b7ac6 100644
--- a/machines/macintosh/default.nix
+++ b/machines/macintosh/default.nix
@@ -28,7 +28,6 @@
     keyMap = "fr";
   };
 
-  nixpkgs.config.allowUnfree = true;
 
   hardware.trackpoint = {
     enable = true;
diff --git a/machines/newton/default.nix b/machines/newton/default.nix
index b73df2f..82a9c36 100644
--- a/machines/newton/default.nix
+++ b/machines/newton/default.nix
@@ -23,9 +23,8 @@ in
   networking.interfaces.enp2s0f0.useDHCP = true;
   networking.interfaces.enp2s0f1.useDHCP = true;
   networking.firewall.enable = true;
-  networking.firewall.allowedTCPPorts = [ 22 80 443 ];
-  networking.firewall.allowedUDPPorts = [ 22 80 443 ];
-  networking.firewall.allowedUDPPortRanges = [{ from = 60000; to = 61000; }];
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedUDPPorts = [ 80 443 ];
 
 
   services.zfs.autoSnapshot.enable = true;
diff --git a/modules/mosh/default.nix b/modules/mosh/default.nix
new file mode 100644
index 0000000..844fcc6
--- /dev/null
+++ b/modules/mosh/default.nix
@@ -0,0 +1,16 @@
+{ pkgs, config, lib, inputs, ... }:
+let
+  cfg = config.luj.programs.mosh;
+in
+with lib;
+{
+  options.luj.programs.mosh = {
+    enable = mkEnableOption "Enable mosh program";
+  };
+
+  config = mkIf cfg.enable
+    {
+      programs.mosh.enable = true;
+      networking.firewall.allowedUDPPortRanges = [{ from = 60000; to = 61000; }];
+    };
+}