diff --git a/hosts/arcturus/default.nix b/hosts/arcturus/default.nix
index 3d63258..1e8429f 100644
--- a/hosts/arcturus/default.nix
+++ b/hosts/arcturus/default.nix
@@ -26,6 +26,7 @@
     ../../modules/nixos/searx.nix
     ../../modules/nixos/wakapi.nix
     ../../modules/nixos/nextcloud.nix
+    ../../modules/nixos/silver-bullet.nix
   ];
 
   sops.secrets = {
@@ -57,6 +58,10 @@
       sopsFile = ./secrets.yaml;
       owner = "nextcloud";
     };
+
+    silver_bullet = {
+      sopsFile = ./secrets.yaml;
+    };
   };
 
   nixpkgs = {
@@ -197,6 +202,7 @@
       "/var/lib/promtail"
       "/var/lib/private"
       "/var/lib/nextcloud"
+      "/var/lib/silverbullet"
     ];
     files = [
       "/etc/ssh/ssh_host_ed25519_key"
diff --git a/hosts/arcturus/secrets.yaml b/hosts/arcturus/secrets.yaml
index 58e95ee..a0685e0 100644
--- a/hosts/arcturus/secrets.yaml
+++ b/hosts/arcturus/secrets.yaml
@@ -6,6 +6,7 @@ cloudflare_credentials:
     email: ENC[AES256_GCM,data:qesgxkzUglKdYPI=,iv:2XDEoQzmtagSiILWZzJPswdhkQ+qjdZfNd+LL1nHPx8=,tag:K1F23Za2Zq78tzf0fl5zEw==,type:str]
     dns_api_token: ENC[AES256_GCM,data:ibSL4KWYhqgHjo27fiSqB1iN9NWU3/qGGuLpmiMpBf+qCuh8uxR7Yw==,iv:NapMvfUSm5rgeROK7KuxGyog8s2PW9CCKtjRG87FoCQ=,tag:/Oah7PRCe4XPts0IYt83zw==,type:str]
 nextcloud_password: ENC[AES256_GCM,data:o37mq4YHQT5pbi+cXrk=,iv:8HiDwdHTozNM2lHpgqVhdsspuifppsL2I6Z31xEnYFI=,tag:xTnfn8HcubfiQwLYIkpxjw==,type:str]
+silver_bullet: ENC[AES256_GCM,data:waEPGskjkkdX98PKzgZG1bzS+NwL6GR8kok=,iv:8a8IeXla8XSHFzjKcVY3QYUK5aFk2kPHVIRvs1y7So0=,tag:p++o6wvLtG5DbDmUusRQLg==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -30,8 +31,8 @@ sops:
             NGprRGVyZ2plWVNrM3drM3JSUjM2L0UKuNk5DqYn2DIfRpY72zDRP5BKoVAXtNv9
             uLI//8wc7f4I3uBdARQdpRE1fapY1UOJOn3i0yndrZARPEbdohRK1Q==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-12-05T05:25:32Z"
-    mac: ENC[AES256_GCM,data:jDwq8ZWkp9BauXaMKS+wyQcOg/9On03KJbeSnUv/3aPzeuhjrUxKLb7FQCFiY2TM5Jll0hol5+GaBrniErzn6Cog6Fnzlyqcr3/02xhwpN9w+23Do8DQBmKurKewPp/kdRTgNUOpQdGtzRFFH3/0ZwiK9eGBFjGwpbhUDOYKw88=,iv:8j/yeSCn88qjzroZfEUSveJaQH50IZ7f1XTZbeYVOvQ=,tag:dSb/vUwUVHqbBGHk9jdx/g==,type:str]
+    lastmodified: "2024-12-12T08:25:25Z"
+    mac: ENC[AES256_GCM,data:+ZftjUQ2RfrKzWUVS02iG8I3uqPKje12/qY/i+8jgWILpC+Cncl75YZeDy8vwheifbRfhqHsy5IZXEnjI1qtKOU0RWkNmeelTmU/feC7tqsUZmQgg7MejOhEV9sOnqDml8+O4Vif0asoaYyrOqAPEprKar54BRcytDQNAbUjm7Y=,iv:h5rUVtQFOGeynCgt7xAN1vqRcquchE/LVbE4YAgQLoc=,tag:+peyfX54DVdi/GHtTinGYw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.9.1
diff --git a/modules/nixos/silver-bullet.nix b/modules/nixos/silver-bullet.nix
new file mode 100644
index 0000000..89aae56
--- /dev/null
+++ b/modules/nixos/silver-bullet.nix
@@ -0,0 +1,28 @@
+{
+  lib,
+  config,
+  ...
+}: {
+  services = {
+    silverbullet = {
+      enable = true;
+      listenPort = 9876;
+      envFile = config.sops.secrets.silver_bullet.path;
+    };
+
+    nginx = {
+      enable = lib.mkForce true;
+      virtualHosts = {
+        "notes.tux.rs" = {
+          forceSSL = true;
+          useACMEHost = "tux.rs";
+          locations = {
+            "/" = {
+              proxyPass = "http://localhost:9876";
+            };
+          };
+        };
+      };
+    };
+  };
+}