diff --git a/modules/system/services/gatus.nix b/modules/system/services/gatus.nix
new file mode 100644
index 0000000..f7b6de8
--- /dev/null
+++ b/modules/system/services/gatus.nix
@@ -0,0 +1,121 @@
+{ config, lib, ... }:
+let
+  cfg = config.custom.services.gatus;
+
+  tailscaleDomain = config.custom.services.tailscale.domain;
+in
+{
+  options.custom.services.gatus = {
+    enable = lib.mkEnableOption "";
+    domain = lib.mkOption {
+      type = lib.types.nonEmptyStr;
+      default = "";
+    };
+    port = lib.mkOption {
+      type = lib.types.port;
+      default = 8080;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    meta.ports.list = [ cfg.port ];
+
+    services.gatus = {
+      enable = true;
+
+      settings = {
+        web.port = cfg.port;
+
+        storage = {
+          type = "sqlite";
+          path = "/var/lib/gatus/data.db";
+        };
+
+        connectivity.checker.target = "1.1.1.1:53";
+
+        alerting = {
+          ntfy = {
+            topic = "uptime";
+            url = "https://alerts.${tailscaleDomain}";
+            click = "https://${cfg.domain}";
+            default-alert = {
+              enable = true;
+              failure-threshold = 4;
+              success-threshold = 2;
+              send-on-resolved = true;
+            };
+          };
+        };
+
+        endpoints =
+          let
+            mkHttpCheck =
+              {
+                name,
+                url,
+                conditions ? [ ],
+              }:
+              {
+                inherit name url;
+                conditions = [ "[STATUS] == 200" ] ++ conditions;
+                interval = "30s";
+                alerts = [ { type = "ntfy"; } ];
+              };
+          in
+          [
+            {
+              name = "Syncthing";
+              url = "tcp://alto.${tailscaleDomain}:22000";
+              conditions = [ "[CONNECTED] == true" ];
+              interval = "30s";
+              alerts = [ { type = "ntfy"; } ];
+            }
+            (mkHttpCheck {
+              name = "Syncthing GUI";
+              url = "https://syncthing.${tailscaleDomain}/rest/noauth/health";
+              conditions = [ "[BODY].status == OK" ];
+            })
+            (mkHttpCheck {
+              name = "Nextcloud";
+              url = "https://cloud.${tailscaleDomain}/status.php";
+              conditions = [
+                "[BODY].installed == true"
+                "[BODY].maintenance == false"
+                "[BODY].needsDbUpgrade == false"
+              ];
+            })
+            (mkHttpCheck {
+              name = "Actual Budget";
+              url = "https://budget.${tailscaleDomain}/";
+            })
+            (mkHttpCheck {
+              name = "Hedgedoc";
+              url = "https://docs.sprouted.cloud/_health";
+              conditions = [ "[BODY].ready == true" ];
+            })
+            (mkHttpCheck {
+              name = "Forgejo";
+              url = "https://git.sstork.dev/api/healthz";
+              conditions = [ "[BODY].status == pass" ];
+            })
+            {
+              name = "Forgejo SSH";
+              url = "ssh://git.sstork.dev";
+              ssh = {
+                username = "";
+                password = "";
+              };
+              conditions = [ "[CONNECTED] == true" ];
+              interval = "30s";
+              alerts = [ { type = "ntfy"; } ];
+            }
+            (mkHttpCheck {
+              name = "Ntfy";
+              url = "https://alerts.${tailscaleDomain}/v1/health";
+              conditions = [ "[BODY].healthy == true" ];
+            })
+          ];
+      };
+    };
+  };
+}