diff --git a/nixos/machines/driftwood/headscale.nix b/nixos/machines/driftwood/headscale.nix
new file mode 100644
index 0000000..aa7ee65
--- /dev/null
+++ b/nixos/machines/driftwood/headscale.nix
@@ -0,0 +1,34 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  services.headscale = {
+    enable = true;
+    settings = {
+      server_url = "https://headscale.stranger.systems:443";
+      allowed_users = [
+        "thatonelutenist@stranger.systems"
+      ];
+      dns = {
+        base_domain = "tailnet.stranger.systems";
+        magic_dns = true;
+      };
+    };
+  };
+
+  environment.systemPackages = with pkgs; [headscale];
+
+  services.nginx.virtualHosts."headscale.stranger.systems" = {
+    forceSSL = true;
+    enableACME = true;
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:8080";
+      proxyWebsockets = true;
+    };
+  };
+}
diff --git a/nixos/machines/driftwood/machine.nix b/nixos/machines/driftwood/machine.nix
index 759513b..b68a6ac 100644
--- a/nixos/machines/driftwood/machine.nix
+++ b/nixos/machines/driftwood/machine.nix
@@ -39,6 +39,7 @@
                 })
                 (import ../../modules/ssh.nix)
                 (import ./containers/conduit.nix)
+                (import ./headscale.nix)
               ];
 
               nix.settings.experimental-features = [