diff --git a/flake.nix b/flake.nix
index 7807522..7a6e4a8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -23,6 +23,7 @@
         ./modules/nix/linux.nix
         ./modules/shell.nix
 
+        ./modules/services/pocketid.nix
         ./modules/services/caddy.nix
         ./modules/services/miniflux.nix
         ./modules/services/media/arr.nix
diff --git a/modules/services/glance.nix b/modules/services/glance.nix
index ed000bb..2211097 100644
--- a/modules/services/glance.nix
+++ b/modules/services/glance.nix
@@ -99,6 +99,16 @@
                         }
                       ];
                     }
+                    {
+                      title = "System";
+                      color = "207 100 50";
+                      links = [
+                        {
+                          title = "PocketID";
+                          url = "https://auth.${config.homelab.domain}";
+                        }
+                      ];
+                    }
                   ];
                 }
               ];
diff --git a/modules/services/pocketid.nix b/modules/services/pocketid.nix
new file mode 100644
index 0000000..97bae64
--- /dev/null
+++ b/modules/services/pocketid.nix
@@ -0,0 +1,24 @@
+{ config, ... }:
+
+{
+  virtualisation.oci-containers.containers.pocketid = {
+    image = "ghcr.io/pocket-id/pocket-id";
+    volumes = [ "/var/lib/pocketid/data:/data" ];
+    ports = [ "8025:8025" ];
+    environment = {
+      PUBLIC_APP_URL = "https://auth.${config.homelab.domain}";
+      TRUST_PROXY = "true";
+      CADDY_PORT = "8025";
+
+      PUID = "1000";
+      GUID = "1000";
+    };
+  };
+
+  services.caddy.virtualHosts."auth.${config.homelab.domain}" = {
+    useACMEHost = config.homelab.domain;
+    extraConfig = ''
+      reverse_proxy http://localhost:8025
+    '';
+  };
+}