diff --git a/nixos-apps/default.nix b/nixos-apps/default.nix
index 8c5e9e2..cdfd8d3 100644
--- a/nixos-apps/default.nix
+++ b/nixos-apps/default.nix
@@ -11,6 +11,8 @@
 ./fancytypist.com.nix
 ./hydra.fancyTypist.com.nix
+
+ ./woodpecker.fancyTypist.dev.nix
 ];
 # when in doubt, clear away the certs with
diff --git a/nixos-apps/woodpecker.fancyTypist.dev.nix b/nixos-apps/woodpecker.fancyTypist.dev.nix
new file mode 100644
index 0000000..5f21cad
--- /dev/null
+++ b/nixos-apps/woodpecker.fancyTypist.dev.nix
@@ -0,0 +1,68 @@
+{ config
+, ...
+}:
+let
+ domain = "woodpecker.fancyTypist.dev";
+in
+{
+ # This automatically sets up certificates via let's encrypt
+ # security.acme.defaults.email = "admin@fancytypist.dev";
+ # security.acme.acceptTerms = true;
+ # security.acme.certs."${domain}" = { };
+
+ # Setting up a nginx proxy that handles tls for us
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+ services.nginx = {
+ enable = true;
+ recommendedTlsSettings = true;
+ recommendedOptimisation = true;
+ recommendedProxySettings = true;
+ virtualHosts."${domain}" = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/" = {
+ proxyPass = "http://localhost:3007";
+ };
+ };
+ };
+
+ services.woodpecker-server = {
+ enable = true;
+ environment = {
+ WOODPECKER_HOST = "https://${domain}";
+ WOODPECKER_SERVER_ADDR = ":3007";
+ WOODPECKER_OPEN = "true";
+ };
+ # You can pass a file with env vars to the system it could look like:
+ # WOODPECKER_AGENT_SECRET=XXXXXXXXXXXXXXXXXXXXXX
+ # environmentFile = "/path/to/my/secrets/file";
+ };
+
+ # This sets up a woodpecker agent
+ services.woodpecker-agents.agents."docker" = {
+ enable = true;
+ # We need this to talk to the podman socket
+ extraGroups = [ "podman" ];
+ environment = {
+ WOODPECKER_SERVER = "localhost:9000";
+ WOODPECKER_MAX_WORKFLOWS = "4";
+ DOCKER_HOST = "unix:///run/podman/podman.sock";
+ WOODPECKER_BACKEND = "docker";
+ };
+ # Same as with woodpecker-server
+ # environmentFile = [ "/var/lib/secrets/woodpecker.env" ];
+ };
+
+ # Here we setup podman and enable dns
+ virtualisation.podman = {
+ enable = true;
+ defaultNetwork.settings = {
+ dns_enabled = true;
+ };
+ };
+ # This is needed for podman to be able to talk over dns
+ networking.firewall.interfaces."podman0" = {
+ allowedUDPPorts = [ 53 ];
+ allowedTCPPorts = [ 53 ];
+ };
+}
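Review bot: `WOODPECKER_OPEN = "true"` in the server environment turns on open registration, so every account that can sign in through whatever forge is configured (not visible in this hunk, presumably supplied via the commented-out `environmentFile`) becomes a Woodpecker user able to run pipelines on the agent below; unless that is intended, set `WOODPECKER_OPEN = "false";` and name the permitted accounts with `WOODPECKER_ADMIN` / `WOODPECKER_ORGS`. That matters because the agent drives the rootful podman socket (`DOCKER_HOST = "unix:///run/podman/podman.sock"`, `extraGroups = [ "podman" ]`), which is effectively root on the host, so the blast radius of an untrusted pipeline is the machine rather than a container. The server's gRPC listener is only unexposed because the firewall admits just 80/443; adding `WOODPECKER_GRPC_ADDR = "127.0.0.1:9000";` next to `WOODPECKER_SERVER_ADDR` makes that explicit rather than relying on the firewall, and matches the agent's `WOODPECKER_SERVER = "localhost:9000"`. Neither service sets `WOODPECKER_AGENT_SECRET` in this file (both `environmentFile` lines are commented out), so the shared secret has to come from outside this module or the agent cannot authenticate. The comment "This automatically sets up certificates via let's encrypt" sits above settings that are themselves commented out, so `enableACME = true` only evaluates if `security.acme.acceptTerms` and an email are set in another module; the comment should say so.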