diff --git a/data.nix b/data.nix
index 65d254a..0b8f6b6 100644
--- a/data.nix
+++ b/data.nix
@@ -176,6 +176,7 @@ rec {
     dl                               A     ${vno1}
     fra1-a                           A     ${fra1a}
     vno1                             A     ${vno1}
+    rss                              A     ${hosts."vno1-oh2.servers.jakst".jakstIP}
 
     @                               TXT    google-site-verification=sU99fmO8gEJF-0lbOY-IzkovC6MXsP3Gozqrs8BR5OM
     @                               TXT    hosted-email-verify=rvyd6h64
diff --git a/hosts/vno1-oh2/configuration.nix b/hosts/vno1-oh2/configuration.nix
index 3c6ef08..9fd759e 100644
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@@ -250,6 +250,17 @@
   };
 
   services = {
+    miniflux = {
+      enable = true;
+      config = {
+        LISTEN_ADDR = "localhost:9010";
+      };
+      adminCredentialsFile = pkgs.writeText "miniflux-creds" ''
+        ADMIN_USERNAME=admin
+        ADMIN_PASSWORD=adminadmin
+      '';
+    };
+
     caddy = {
       enable = true;
       email = "motiejus+acme@jakstys.lt";
@@ -265,6 +276,11 @@
           reverse_proxy 127.0.0.1:8123
           tls {$CREDENTIALS_DIRECTORY}/hass.jakstys.lt-cert.pem {$CREDENTIALS_DIRECTORY}/hass.jakstys.lt-key.pem
         '';
+        "rss.jakstys.lt:80".extraConfig = ''
+          @denied not remote_ip ${myData.subnets.tailscale.cidr}
+          abort @denied
+          reverse_proxy 127.0.0.1:9010
+        '';
         "beta.jakstys.lt".extraConfig = ''
           handle /.well-known/carddav {
             redir https://cdav.migadu.com/