diff --git a/.gitignore b/.gitignore index b6a704b..019f773 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,7 @@ backup/ +.secrets + result *.nix.bak diff --git a/hosts/configuration.nix b/hosts/configuration.nix index 8f9e970..e24b3a8 100644 --- a/hosts/configuration.nix +++ b/hosts/configuration.nix @@ -8,19 +8,16 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - ./local-packages.nix - ../modules + ../modules/default.nix ]; networking.hostName = "nixos"; - # Setup garbage collection for old generations nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 30d"; }; - # Limit the number of generations boot.loader.systemd-boot.configurationLimit = 5; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/hosts/local-packages.nix b/hosts/local-packages.nix index 44b047a..13f6955 100644 --- a/hosts/local-packages.nix +++ b/hosts/local-packages.nix @@ -45,6 +45,12 @@ in libtool gawk lazygit + # Java ecosystem + jdk17 + maven + gradle + visualvm + jdt-language-server (python310.withPackages (ps: with ps; [ virtualenv ipython @@ -117,6 +123,8 @@ in go sqls deno + redis + cloudflared # Rust ecosystem rustup rust-analyzer diff --git a/modules/default.nix b/modules/default.nix index 84b3f6f..7736937 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -17,6 +17,7 @@ ./steam.nix ./timezone.nix ./user.nix + ./systemd.nix ]; # Enable CUPS to print documents. diff --git a/modules/systemd.nix b/modules/systemd.nix new file mode 100644 index 0000000..9fc4077 --- /dev/null +++ b/modules/systemd.nix 
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+{
+ environment.systemPackages = with pkgs; [
+ autossh
+ ];
+
+ systemd.services.autossh-redbot = {
+ description = "Persistent SSH Tunnel to Cloud Server";
+ after = [ "network-online.target" ];
+ wants = [ "network-online.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "cobray";
+ Group = "cobray";
+ Restart = "always";
+ RestartSec = 30;
+ EnvironmentFile = "/home/cobray/.secrets/autossh-redbot.conf";
+ Environment = [
+ "AUTOSSH_GATETIME=0"
+ "AUTOSSH_POLL=60"
+ "AUTOSSH_FIRST_POLL=30"
+ "AUTOSSH_PORT=0"
+ ];
+ ExecStart = ''
+ ${pkgs.autossh}/bin/autossh -M 0 -N \
+ -o "ServerAliveInterval 60" \
+ -o "ServerAliveCountMax 3" \
+ -o "ExitOnForwardFailure=yes" \
+ -o "ConnectTimeout=10" \
+ -R "0.0.0.0:$REMOTE_PORT:localhost:$LOCAL_PORT" \
+ root@$REMOTE_HOST
+ '';
+ };
+ };
+}
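Review bot: The `-R "0.0.0.0:$REMOTE_PORT:..."` forward in `ExecStart` asks the remote sshd to listen on every interface, so whatever runs on `localhost:$LOCAL_PORT` becomes reachable by anyone who can reach the cloud server (where its `GatewayPorts` setting permits), and the tunnel logs in as `root@$REMOTE_HOST` although a port forward needs no remote privileges. Unless public exposure is intended, bind the listener to loopback and use a dedicated unprivileged remote account whose `authorized_keys` entry is limited with `restrict,port-forwarding,permitlisten="..."`. Separately, systemd.service(5) documents `$VAR` expansion only for a stand-alone word and `${VAR}` for use inside a word, so `$REMOTE_PORT`, `$LOCAL_PORT` and `$REMOTE_HOST` are probably passed to autossh literally. In a Nix `''` string the braced form is escaped as `''${VAR}`, giving for example `-R "127.0.0.1:''${REMOTE_PORT}:localhost:''${LOCAL_PORT}" \`. A short comment above `EnvironmentFile` naming the three variables the file must define would also help, since the file is git-ignored and its contents are not visible in the repository.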