diff --git a/hosts/nixos/HandlerOne/default.nix b/hosts/nixos/HandlerOne/default.nix
index 03c969c..9c002f8 100644
--- a/hosts/nixos/HandlerOne/default.nix
+++ b/hosts/nixos/HandlerOne/default.nix
@@ -49,6 +49,7 @@
 "modules/services/lubelogger"
 "modules/services/trilium"
 "modules/services/fail2ban"
+ "modules/services/ntfy-sh"
 "modules/services/ollama/nginx.nix" # Just host the nginx path back to Parzival
 "modules/services/netbox"
 "modules/services/flamesites"
@@ -125,6 +126,7 @@
 "ta.wanderingcrow.net" = {};
 "chat.wanderingcrow.net" = {};
 "netbox.wanderingcrow.net" = {};
+ "notify.wanderingcrow.net" = {};
 # Sites I host for someone else
 "test.swgalaxyproject.com" = {};
 "swgalaxyproject.com" = {};
diff --git a/modules/services/fail2ban/default.nix b/modules/services/fail2ban/default.nix
index 9eb3c02..e123ce2 100644
--- a/modules/services/fail2ban/default.nix
+++ b/modules/services/fail2ban/default.nix
@@ -1,10 +1,15 @@
-{pkgs, ...}: {
+{
+ inputs,
+ config,
+ pkgs,
+ ...
+}: {
 environment.etc = {
 # Define an action that will trigger a Ntfy push notification upon the issue of every new ban
 "fail2ban/action.d/ntfy.local".text = pkgs.lib.mkDefault (pkgs.lib.mkAfter ''
 [Definition]
 norestored = true # Needed to avoid receiving a new notification after every restart
- actionban = curl -H "Title: has been banned" -d " jail has banned from accessing $(hostname) after attempts of hacking the system." https://ntfy.sh/Fail2banNotifications
+ actionban = curl -H "Title: has been banned" -d " jail has banned from accessing ${config.hostSpec.hostName} after attempts of hacking the system." https://notify.wanderingcrow.net/Fail2banNotifications
 '');
 # Defines a filter that detects URL probing by reading the Nginx access log
 "fail2ban/filter.d/nginx-url-probe.local".text = pkgs.lib.mkDefault (pkgs.lib.mkAfter ''
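Review bot: The `actionban` curl in the fail2ban hunk publishes to `https://notify.wanderingcrow.net/Fail2banNotifications` with no `Authorization` header, so the topic has to be anonymously writable for this to work, and that same anonymous access lets anyone who guesses the topic name subscribe to the ban feed (host name plus banned address) or push arbitrary notifications to your devices. I would create a publish-only ntfy token for this action and pass it with `-H "Authorization: Bearer $(cat /run/secrets/ntfy-fail2ban-token)"` or similar from a root-only file, rather than interpolating it into the Nix string, since anything in this module's text ends up world-readable in the Nix store. The curl also has no timeout or failure handling; `curl -fsS --max-time 10 ...` keeps a slow or down endpoint from stalling the ban action and makes a 403 visible in the fail2ban log once auth is enforced. The message body as shown here appears to have lost fail2ban's `<ip>`/`<name>`/`<failures>` tags in extraction (it reads " jail has banned from accessing"), so confirm they survive in the real file. The `environment.etc` attribute set this action lives in continues outside the hunk.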
@@ -14,6 +19,12 @@
 };
 services.fail2ban = {
 enable = true;
+ extraPackages = [
+ pkgs.curl
+ ];
+ ignoreIP = [
+ inputs.nix-secrets.network.primary.publicIP
+ ];
 jails = {
 nginx-url-probe.settings = {
 enabled = true;
diff --git a/modules/services/ntfy-sh/default.nix b/modules/services/ntfy-sh/default.nix
new file mode 100644
index 0000000..52a1c15
--- /dev/null
+++ b/modules/services/ntfy-sh/default.nix
@@ -0,0 +1,24 @@
+{
+ services.nginx = {
+ enable = true;
+ recommendedProxySettings = true;
+ virtualHosts = {
+ "notify.wanderingcrow.net" = {
+ forceSSL = true;
+ useACMEHost = "notify.wanderingcrow.net";
+ locations."/" = {
+ proxyPass = "http://localhost:9089";
+ proxyWebsockets = true;
+ };
+ };
+ };
+ };
+ services.ntfy-sh = {
+ enable = true;
+ settings = {
+ base-url = "https://notify.wanderingcrow.net";
+ listen-http = ":9089";
+ behind-proxy = true;
+ };
+ };
+}
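Review bot: The `ignoreIP` entry pulls `inputs.nix-secrets.network.primary.publicIP` into `services.fail2ban`, and the NixOS module renders that option into the generated jail configuration in the Nix store, which is world-readable on the host; if that address is meant to stay secret rather than merely out of the public repo, this leaks it locally. If that is acceptable (it is a public IP, after all), a one-line comment saying so would stop the next reader from worrying: `# publicIP is not secret, only kept out of the repo; it lands in /nix/store via jail.local`. The `services.fail2ban` attribute set continues outside the hunk.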
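Review bot: In the new ntfy-sh module, `listen-http = ":9089"` binds every interface, so the server is reachable directly on port 9089 without nginx, its TLS, or the real client address, and with `behind-proxy = true` ntfy trusts `X-Forwarded-For` for per-IP rate limiting, which a direct client could then spoof; nginx only proxies to localhost, so `listen-http = "127.0.0.1:9089";` is the intended scope. The settings also configure no `auth-file` and no `auth-default-access`, and as far as I know ntfy then defaults to anonymous read-write on every topic, making `notify.wanderingcrow.net` an open relay where anyone can publish to or subscribe from `Fail2banNotifications`. I would add `auth-file = "/var/lib/ntfy-sh/user.db";` and `auth-default-access = "deny-all";`, then create the fail2ban publisher and your subscriber with `ntfy user`/`ntfy access`/`ntfy token`. Long-lived subscription connections may also want a longer `proxy_read_timeout` in the nginx location, but that is availability rather than security.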