diff --git a/flake-parts/kubenix.nix b/flake-parts/kubenix.nix
index 4c2d875..2d3c2b2 100644
--- a/flake-parts/kubenix.nix
+++ b/flake-parts/kubenix.nix
@@ -179,6 +179,11 @@
         module = "${self}/kubenix-modules/tailscale.nix";
         namespace = "tailscale";
       };
+
+      ntfy = {
+        module = "${self}/kubenix-modules/ntfy.nix";
+        namespace = "ntfy";
+      };
     };
   in
   {
diff --git a/kubenix-modules/bootstrap-default.nix b/kubenix-modules/bootstrap-default.nix
index 81dbb8f..7f0371f 100644
--- a/kubenix-modules/bootstrap-default.nix
+++ b/kubenix-modules/bootstrap-default.nix
@@ -51,6 +51,7 @@
         media = { };
         minecraft = { };
         tailscale = { };
+        ntfy = { };
       };
 
       nodes =
@@ -127,6 +128,7 @@
       sonarr.storage = "150Mi";
       bazarr.storage = "25Mi";
       minecraft.storage = "1Gi";
+      ntfy.storage = "300Mi";
     };
 
     tailscaleIngresses.tailscale-longhorn = {
diff --git a/kubenix-modules/ntfy.nix b/kubenix-modules/ntfy.nix
new file mode 100644
index 0000000..36009ff
--- /dev/null
+++ b/kubenix-modules/ntfy.nix
@@ -0,0 +1,105 @@
+{ lib, ... }: {
+  kubernetes.resources = {
+    configMaps.ntfy.data.config = lib.generators.toYAML { } {
+      base-url = "https://ntfy.kun.is";
+      cache-file = "/var/cache/ntfy/cache.db";
+      cache-duration = "14d";
+      auth-file = "/var/lib/ntfy/user.db";
+      auth-default-access = "deny-all";
+      attachment-cache-dir = "/var/cache/ntfy-attachments";
+      enable-signup = false;
+      enable-login = true;
+      visitor-subscription-limit = 100;
+    };
+
+    deployments.ntfy.spec = {
+      selector.matchLabels.app = "ntfy";
+
+      strategy = {
+        type = "RollingUpdate";
+
+        rollingUpdate = {
+          maxSurge = 0;
+          maxUnavailable = 1;
+        };
+      };
+
+      template = {
+        metadata.labels.app = "ntfy";
+
+        spec = {
+          containers.ntfy = {
+            image = "binwiederhier/ntfy:v2.11.0";
+            ports.web.containerPort = 80;
+            env.TZ.value = "Europe/Amsterdam";
+            args = [ "serve" ];
+
+            volumeMounts = [
+              {
+                name = "cache";
+                mountPath = "/var/cache/ntfy";
+              }
+              {
+                name = "data";
+                mountPath = "/var/lib/ntfy";
+              }
+              {
+                name = "attachment-cache";
+                mountPath = "/var/cache/ntfy-attachments";
+              }
+              {
+                name = "config";
+                mountPath = "/etc/ntfy/server.yml";
+                subPath = "config";
+              }
+            ];
+          };
+
+          volumes = {
+            cache.persistentVolumeClaim.claimName = "cache";
+            attachment-cache.persistentVolumeClaim.claimName = "attachment-cache";
+            data.persistentVolumeClaim.claimName = "data";
+            config.configMap.name = "ntfy";
+          };
+        };
+      };
+    };
+
+    persistentVolumeClaims = {
+      cache.spec = {
+        accessModes = [ "ReadWriteOnce" ];
+        resources.requests.storage = "300Mi";
+      };
+
+      attachment-cache.spec = {
+        accessModes = [ "ReadWriteOnce" ];
+        resources.requests.storage = "500Mi";
+      };
+    };
+
+    services.ntfy.spec = {
+      selector.app = "ntfy";
+
+      ports.web = {
+        port = 80;
+        targetPort = "web";
+      };
+    };
+  };
+
+  lab = {
+    ingresses.ntfy = {
+      host = "ntfy.kun.is";
+
+      service = {
+        name = "ntfy";
+        portName = "web";
+      };
+    };
+
+    longhorn.persistentVolumeClaim.data = {
+      volumeName = "ntfy";
+      storage = "300Mi";
+    };
+  };
+}