diff --git a/common/motd.nix b/common/motd.nix
index 2797889..3893a35 100644
--- a/common/motd.nix
+++ b/common/motd.nix
@@ -1,6 +1,9 @@
 {
   users.motd = ''
 Welcome to wolfgirl.systems!
-Latest news: flakes now enabled.
+Join our Matrix chat: #wolfgirlsgen:envs.net
+Latest news
+* Flakes now enabled
+* Web hosting now available, contact an admin to enable
 '';
 }
diff --git a/common/users.nix b/common/users.nix
index 40d2875..f982421 100644
--- a/common/users.nix
+++ b/common/users.nix
@@ -35,6 +35,7 @@
     uid = 2003;
     isNormalUser = true;
     shell = pkgs.zsh;
+    homeMode = "755";
     openssh.authorizedKeys.keys  = [
       "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHp8yRnahmUS7l8STsx0pH25O4xTWGYQyQEWeKWxeM7gbkTNPGpiUswmsHgN8Ng0+FwjIw0FHkjQeLSMH9OTSB4= ipad0esp"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdN4a3yJUlKIaVezOe4hE8fRK9DkGSzwoZ9vfpsBsHh ide0"
diff --git a/hosts/stella-web.nix b/hosts/stella-web.nix
new file mode 100644
index 0000000..ad6d52c
--- /dev/null
+++ b/hosts/stella-web.nix
@@ -0,0 +1,19 @@
+{
+  services.nginx.enable = true;
+  systemd.services.nginx.serviceConfig.ProtectHome = false;
+  services.nginx.virtualHosts."stella.wolfgirl.systems" = {
+    forceSSL = true;
+    enableACME = true;
+    locations."~ \"^/~(.+?)(/.*)?$\"" = {
+      alias = "/home/$1/public_html$2";
+      index = "index.html";
+      extraConfig = ''
+        error_page 404 /~$1/404.html;
+      '';
+    };
+  };
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "me@ezri.pet";
+  };
+}
diff --git a/hosts/stella.nix b/hosts/stella.nix
index 38dfde7..aa1ed3f 100644
--- a/hosts/stella.nix
+++ b/hosts/stella.nix
@@ -3,6 +3,7 @@
 {
   imports =
     [ (modulesPath + "/profiles/qemu-guest.nix")
+    ./stella-web.nix
     ];
 
   boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];