diff --git a/nixos/common/global/secrets/rekeyed/viridian/ad2e226886559938be8ab210a35772b1-wiki-js.age b/nixos/common/global/secrets/rekeyed/viridian/ad2e226886559938be8ab210a35772b1-wiki-js.age
new file mode 100644
index 0000000..81235fa
--- /dev/null
+++ b/nixos/common/global/secrets/rekeyed/viridian/ad2e226886559938be8ab210a35772b1-wiki-js.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 KTkZog 7QJNbtDdO9LpwTDNgeaEtm4KTONs5Hgukenu2AL6dSY
+l7Nz7xlPLUmYWxbL2tcUT/pgaoZUcGppKaUzoSDty7g
+-> PLN-grease
+KPAHJevjQIdgSu1kVhcefi2Y6aNgqaqhKXS0D3QWBFlSk7Kr8YQw2dDFpFW7fH/1
+9tvZZz5hJe+sJA
+--- ZiUHAguNDc75YzOTCuWOz3HEAyA6KrWZJvWB/bLDJw8
+P|Öï†ì±Ç6(¢—"¥p3ål‚.éÛ"2½Ša¯Ñ¤TéïB:«üÜ6i4k¥Âb23`
\ No newline at end of file
diff --git a/nixos/viridian/services/postgresql/default.nix b/nixos/viridian/services/postgresql/default.nix
new file mode 100644
index 0000000..a1e0c5e
--- /dev/null
+++ b/nixos/viridian/services/postgresql/default.nix
@@ -0,0 +1,20 @@
+{pkgs, ...}: {
+  services.postgresql = {
+    enable = true;
+    package = pkgs.postgresql_15;
+    settings = {
+      port = 5432;
+    };
+    dataDir = "/var/lib/postgresql/15";
+  };
+
+  environment.persistence."/persist" = {
+    directories = [
+      {
+        directory = "/var/lib/postgresql";
+        user = "postgres";
+        group = "postgres";
+      }
+    ];
+  };
+}
diff --git a/nixos/viridian/services/wiki-js/default.nix b/nixos/viridian/services/wiki-js/default.nix
new file mode 100644
index 0000000..45c4727
--- /dev/null
+++ b/nixos/viridian/services/wiki-js/default.nix
@@ -0,0 +1,48 @@
+{config, ...}: {
+  systemd.services.wiki-js = {
+    requires = ["postgresql.service"];
+    after = ["postgresql.service"];
+  };
+
+  services.wiki-js = {
+    enable = true;
+    settings.db = {
+      db = "wiki-js";
+      host = "/run/postgresql";
+      type = "postgres";
+      user = "wiki-js";
+    };
+  };
+
+  services.postgresql = {
+    ensureDatabases = ["wiki-js"];
+    ensureUsers = [
+      {
+        name = "wiki-js";
+        ensureDBOwnership = true;
+      }
+    ];
+  };
+
+  services.traefik.dynamicConfigOptions.http.routers = {
+    wiki-js = {
+      rule = "Host(`wiki.sajkbd.io`)";
+      entryPoints = [
+        "websecure"
+      ];
+      middlewares = [
+        "crowdsec"
+        "geoblock"
+      ];
+      service = "wiki-js";
+    };
+  };
+
+  services.traefik.dynamicConfigOptions.http.services = {
+    wiki-js.loadBalancer.servers = [
+      {url = "http://127.0.0.1:${toString config.services.wiki-js.settings.port}";}
+    ];
+  };
+
+  environment.persistence."/persist".directories = ["/var/lib/wiki-js"];
+}