diff --git a/aspects/hosts/_alexandria/freshrss.nix b/aspects/hosts/_alexandria/freshrss.nix
new file mode 100644
index 0000000..0bd87a2
--- /dev/null
+++ b/aspects/hosts/_alexandria/freshrss.nix
@@ -0,0 +1,27 @@
+{
+  config,
+  inputs,
+  pkgs,
+  lib,
+  ...
+}:
+
+{
+  imports = [ inputs.nixpkgs-stable.nixosModules.freshrss ];
+
+  services.freshrss = {
+    enable = true;
+    defaultUser = "admin";
+    passwordFile = config.age.secrets.freshrss-adminpass.path;
+    baseUrl = "https://rss.baduhai.dev";
+    dataDir = "/data/freshrss";
+    webserver = "nginx";
+    virtualHost = "rss.baduhai.dev";
+  };
+
+  age.secrets.freshrss-adminpass = {
+    file = "${inputs.self}/secrets/freshrss-adminpass.age";
+    owner = "freshrss";
+    group = "freshrss";
+  };
+}
diff --git a/data/services.nix b/data/services.nix
index ae7395c..e95e497 100644
--- a/data/services.nix
+++ b/data/services.nix
@@ -38,5 +38,10 @@
       domain = "jellyfin.baduhai.dev";
       host = "alexandria";
     }
+    {
+      name = "freshrss";
+      domain = "rss.baduhai.dev";
+      host = "alexandria";
+    }
   ];
 }
diff --git a/secrets/freshrss-adminpass.age b/secrets/freshrss-adminpass.age
new file mode 100644
index 0000000..b7d7c90
Binary files /dev/null and b/secrets/freshrss-adminpass.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index a90cd74..277d880 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -32,4 +32,9 @@ in
     rotterdam-user
     trantor
   ];
+  "freshrss-adminpass.age".publicKeys = [
+    io-user
+    rotterdam-user
+    alexandria
+  ];
 }