diff --git a/options/programs.nix b/options/programs.nix
index a65e3e0..d275cad 100644
--- a/options/programs.nix
+++ b/options/programs.nix
@@ -70,5 +70,7 @@
 
     microsoft-edge.enable = lib.mkEnableOption "microsoft-edge";
     nextcloud.enable = lib.mkEnableOption "nextcloud";
+
+    cockpit.enable = lib.mkEnableOption "cockpit";
   };
 }
diff --git a/profiles/homeserver.nix b/profiles/homeserver.nix
index 341c110..57670aa 100644
--- a/profiles/homeserver.nix
+++ b/profiles/homeserver.nix
@@ -24,5 +24,6 @@
     go.enable = true;
     networking.firewall.enable = true;
     networking.firewall.allowedTCPPorts = [ 80 443 ];
+    cockpit.enable = true;
   };
 }
diff --git a/system/modules/cockpit.nix b/system/modules/cockpit.nix
new file mode 100644
index 0000000..fb2b61a
--- /dev/null
+++ b/system/modules/cockpit.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.profile.cockpit;
+in
+{
+  config = lib.mkIf cfg.enable {
+    environment.systemPackages = lib.mkIf config.profile.podman.enable [
+      (pkgs.callPackage ../packages/cockpit-podman.nix { })
+    ];
+    services.cockpit = {
+      enable = true;
+      openFirewall = true;
+      settings = {
+        WebService = {
+          AllowUnencrypted = true;
+          ProtocolHeader = "X-Forwarded-Proto";
+          ForwardedForHeader = "X-Forwarded-For";
+        };
+        Session = {
+          IdleTimeout = 120; # 2 hours.
+        };
+      };
+    };
+  };
+}
diff --git a/system/modules/default.nix b/system/modules/default.nix
index ead12f1..91179d5 100644
--- a/system/modules/default.nix
+++ b/system/modules/default.nix
@@ -7,6 +7,7 @@
     ./bluetooth.nix
     ./boot_loader.nix
     ./brightnessctl.nix
+    ./cockpit.nix
     ./docker.nix
     ./flatpak.nix
     ./font.nix
diff --git a/system/packages/cockpit-podman.nix b/system/packages/cockpit-podman.nix
new file mode 100644
index 0000000..db157c8
--- /dev/null
+++ b/system/packages/cockpit-podman.nix
@@ -0,0 +1,34 @@
+{ lib, stdenv, fetchzip, gettext, ... }:
+
+stdenv.mkDerivation rec {
+  pname = "cockpit-podman";
+  version = "89";
+
+  src = fetchzip {
+    url = "https://github.com/cockpit-project/${pname}/releases/download/${version}/${pname}-${version}.tar.xz";
+    sha256 = "sha256-qLt6x9W+M/DztzcFxyWZLHUTM1ZsPCOykO+6o/URa6c=";
+  };
+
+  nativeBuildInputs = [
+    gettext
+  ];
+
+  makeFlags = [ "DESTDIR=$(out)" "PREFIX=" ];
+
+  postPatch = ''
+    substituteInPlace Makefile \
+      --replace /usr/share $out/share
+    touch pkg/lib/cockpit-po-plugin.js
+    touch dist/manifest.json
+  '';
+
+  dontBuild = true;
+
+  meta = with lib; {
+    description = "Cockpit UI for podman containers";
+    license = licenses.lgpl21;
+    homepage = "https://github.com/cockpit-project/cockpit-podman";
+    platforms = platforms.linux;
+    maintainers = [ ];
+  };
+}