diff --git a/hosts/public01/default.nix b/hosts/public01/default.nix
index b1430a0..b705a85 100755
--- a/hosts/public01/default.nix
+++ b/hosts/public01/default.nix
@@ -9,6 +9,11 @@
   # TODO: make it the default
   networking.domain = "infra.forkos.org";
 
+  bagel.uptime-kuma = {
+    enable = true;
+    domain = "status.forkos.org";
+  };
+
   bagel.sysadmin.enable = true;
   # Newsletter is proxied.
   bagel.raito.v6-proxy-awareness.enable = true;
diff --git a/services/uptime-kuma/default.nix b/services/uptime-kuma/default.nix
index ad77b41..c4016cf 100644
--- a/services/uptime-kuma/default.nix
+++ b/services/uptime-kuma/default.nix
@@ -5,6 +5,7 @@
   ...
 }:
 let
+  cfg = config.bagel.uptime-kuma;
   subdomains = [
     "cl"
     "netbox"
@@ -25,61 +26,69 @@ let
     # "postgres"
     # "news"
   ];
-
-  host = "status.forkos.org";
   port = 3001;
 in
 {
   imports = [ "${inputs.stateless-uptime-kuma}/nixos/module.nix" ];
-  nixpkgs.overlays = [ (import "${inputs.stateless-uptime-kuma}/overlay.nix") ];
 
-  services.uptime-kuma.enable = true;
-
-  services.nginx = {
-    enable = true;
-    virtualHosts.${host} = {
-      enableACME = true;
-      forceSSL = true;
-      locations."/" = {
-        proxyPass = "http://127.0.0.1:${builtins.toString port}";
-        proxyWebsockets = true;
-      };
+  options.bagel.uptime-kuma = {
+    enable = lib.mkEnableOption "the status page service (uptime-kuma)";
+    domain = lib.mkOption {
+      type = lib.types.str;
     };
   };
 
-  networking.firewall.allowedTCPPorts = [
-    80
-    443
-  ];
+  config = lib.mkIf cfg.enable {
+    nixpkgs.overlays = [ (import "${inputs.stateless-uptime-kuma}/overlay.nix") ];
 
-  statelessUptimeKuma = {
-    probesConfig = {
-      monitors = lib.genAttrs subdomains (name: {
-        type = "http";
-        url = "https://${name}.forkos.org/";
-        tags = [];
-      });
-      status_pages = {
-        "forkos" = {
-          title = "ForkOS";
-          description = "health of the ForkOS infra";
-          showTags = true;
-          publicGroupList = [
-            {
-              name = "Services";
-              weight = 1;
-              monitorList = lib.genAttrs subdomains (id: {
-                inherit id;
-              });
-            }
-          ];
+    services.uptime-kuma.enable = true;
+
+    services.nginx = {
+      enable = true;
+      virtualHosts.${cfg.domain} = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/" = {
+          proxyPass = "http://127.0.0.1:${builtins.toString port}";
+          proxyWebsockets = true;
         };
       };
     };
-    extraFlags = [ "-s" ];
-    host = "http://localhost:${builtins.toString port}/";
-    username = "forkos";
-    passwordFile = config.age.secrets."stateless-uptime-kuma-password".path;
-    enableService = true;
+
+    networking.firewall.allowedTCPPorts = [
+      80
+      443
+    ];
+
+    statelessUptimeKuma = {
+      probesConfig = {
+        monitors = lib.genAttrs subdomains (name: {
+          type = "http";
+          url = "https://${name}.forkos.org/";
+          tags = [];
+        });
+        status_pages = {
+          "forkos" = {
+            title = "ForkOS";
+            description = "health of the ForkOS infra";
+            showTags = true;
+            publicGroupList = [
+              {
+                name = "Services";
+                weight = 1;
+                monitorList = lib.genAttrs subdomains (id: {
+                  inherit id;
+                });
+              }
+            ];
+          };
+        };
+      };
+      extraFlags = [ "-s" ];
+      host = "http://localhost:${builtins.toString port}/";
+      username = "forkos";
+      passwordFile = config.age.secrets."stateless-uptime-kuma-password".path;
+      enableService = true;
+    };
   };
 }