diff --git a/options/services.nix b/options/services.nix
index 5123a5d..beb7f30 100644
--- a/options/services.nix
+++ b/options/services.nix
@@ -23,6 +23,8 @@ in
     photoprism.enable = mkEnableOption "photoprism";
     navidrome.enable = mkEnableOption "navidrome";
 
+    ntfy-sh.enable = mkEnableOption "ntfy-sh";
+
     telemetry = {
       enable = mkEnableOption "telemetry";
       grafana.enable = mkOption {
diff --git a/profiles/homeserver.nix b/profiles/homeserver.nix
index ca9a7f2..e05b48a 100644
--- a/profiles/homeserver.nix
+++ b/profiles/homeserver.nix
@@ -70,6 +70,7 @@
       photoprism.enable = true;
       navidrome.enable = true;
       telemetry.enable = true;
+      ntfy-sh.enable = true;
     };
   };
 }
diff --git a/system/services/caddy.nix b/system/services/caddy.nix
index 5ecf13a..4ebdfca 100644
--- a/system/services/caddy.nix
+++ b/system/services/caddy.nix
@@ -17,7 +17,7 @@ in
       reverse_proxy 192.168.100.1
     '';
 
-    services.caddy.virtualHosts."tigor.web.id".extraConfig =
+    services.caddy.virtualHosts."hosts.tigor.web.id".extraConfig =
       let
         domains = attrsets.mapAttrsToList (name: _: strings.removePrefix "https://" name) config.services.caddy.virtualHosts;
         sortedDomains = lists.sort (a: b: a < b) domains;
diff --git a/system/services/default.nix b/system/services/default.nix
index db99f2f..fce6124 100644
--- a/system/services/default.nix
+++ b/system/services/default.nix
@@ -17,5 +17,6 @@
     ./syncthing.nix
     ./wireguard.nix
     ./photoprism.nix
+    ./ntfy-sh.nix
   ];
 }
diff --git a/system/services/ntfy-sh.nix b/system/services/ntfy-sh.nix
new file mode 100644
index 0000000..4c4182a
--- /dev/null
+++ b/system/services/ntfy-sh.nix
@@ -0,0 +1,44 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.profile.services.ntfy-sh;
+  inherit (lib) mkIf;
+  domain = "ntfy.tigor.web.id";
+in
+{
+  config = mkIf cfg.enable {
+    services.caddy.virtualHosts.${domain}.extraConfig = ''
+      reverse_proxy ${config.services.ntfy-sh.settings.listen-http}
+    '';
+    environment.systemPackages = with pkgs; [
+      # Access to `ntfy` cli tool
+      ntfy-sh
+    ];
+
+    services.ntfy-sh = {
+      enable = true;
+      settings =
+        let
+          base-dir = "/var/lib/ntfy-sh";
+        in
+        rec {
+          listen-http = "0.0.0.0:15150";
+          behind-proxy = true;
+          base-url = "https://${domain}";
+
+          # Performance. Cache and Batching.
+          cache-file = "${base-dir}/cache.db";
+          cache-duration = "24h";
+          cache-batch-size = 10;
+          cache-batch-timeout = "1s";
+
+          # Auth
+          auth-file = "${base-dir}/auth.db";
+          auth-default-access = "deny-all";
+
+          # Attachments
+          attachment-cache-dir = "${base-dir}/attachments";
+          attachment-expiry-duration = cache-duration;
+        };
+    };
+  };
+}