diff --git a/flake.lock b/flake.lock index 45099973..b02d1c36 100644 --- a/flake.lock +++ b/flake.lock @@ -186,6 +186,24 @@ "inputs": { "systems": "systems_3" }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, "locked": { "lastModified": 1681202837, "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", @@ -354,6 +372,27 @@ "type": "github" } }, + "libations": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "unstable" + ] + }, + "locked": { + "lastModified": 1701980797, + "narHash": "sha256-Ho+puc0LAewDIehH5KYrRUoyQr9FYUOedwusYqZKE+8=", + "owner": "jnsgruk", + "repo": "libations", + "rev": "93bc4dc04fa13e89c103bbea41b322ab92186182", + "type": "github" + }, + "original": { + "owner": "jnsgruk", + "repo": "libations", + "type": "github" + } + }, "nix-formatter-pack": { "inputs": { "nixpkgs": [ @@ -639,6 +678,7 @@ "hyprland": "hyprland", "hyprland-contrib": "hyprland-contrib", "lanzaboote": "lanzaboote", + "libations": "libations", "nix-formatter-pack": "nix-formatter-pack_3", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", @@ -733,6 +773,21 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "unstable": { "locked": { "lastModified": 1701068326, 
@@ -751,7 +806,7 @@ }, "vscode-server": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": [ "unstable" ] diff --git a/flake.nix b/flake.nix index ac5b5735..aa7d8d22 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,8 @@ crafts.inputs.nixpkgs.follows = "unstable"; embr.url = "github:jnsgruk/firecracker-ubuntu"; embr.inputs.nixpkgs.follows = "unstable"; + libations.url = "github:jnsgruk/libations"; + libations.inputs.nixpkgs.follows = "unstable"; }; outputs = diff --git a/host/common/services/libations.nix b/host/common/services/libations.nix new file mode 100644 index 00000000..458c85a0 --- /dev/null +++ b/host/common/services/libations.nix 
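Review bot: In flake.nix the new `libations` input ends up with two independent pins for the same upstream. flake.lock locks it at rev `93bc4dc`, while host/common/services/libations.nix in this same commit builds the package from its own `fetchFromGitHub` at rev `c1d968f`. As far as the visible hunks show, the flake input is never consumed, so `nix flake update` will move the lock entry while the deployed binary stays on the hand-written rev, and anyone auditing flake.lock sees a revision that is not the one running. Either drop the two `libations.*` lines here, or have the module take its source from the input, for example `src = inputs.libations;`, if `inputs` is passed through to the host modules (not visible in this diff).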
@@ -0,0 +1,57 @@
+{ config, pkgs, ... }:
+let
+ # Fetch the libations recipes from a private repository. Note that there must be a
+ # valid SSH key either in the agent of the user executing the `nix` command, or in
+ # `/root/.ssh` or this will fail.
+ recipes = builtins.fetchGit {
+ url = "git@github.com:jnsgruk/libations-recipes";
+ rev = "9bd7e4ebe23f9421c3ccec5db20b4bdae2344ace";
+ };
+
+ libations = pkgs.buildGoModule {
+ pname = "libations";
+ version = "unstable-2023-12-08";
+ src = pkgs.fetchFromGitHub {
+ rev = "c1d968fdd87e6214ac5c9d50019749d5c05aa939";
+ owner = "jnsgruk";
+ repo = "libations";
+ hash = "sha256-Eu0LLQZ4ZB2fdedmpFjlRbJIzoA7ow1LGQtVdoyP2xM=";
+ };
+ vendorHash = "sha256-Ep3nBl9WZm7skk1cmMS9KI019ZSRSxofbLs2Nrj6HM8=";
+ nativeBuildInputs = with pkgs; [ hugo ];
+ postConfigure = ''
+ # Patch the recipes that were fetched above into the app before building
+ cp ${recipes}/recipes.json ./webui/data/drinks.json
+ # Generate the Hugo site that's embedded in the app
+ go generate
+ '';
+ };
+in
+{
+ age.secrets = {
+ libations-auth-key = {
+ file = ../../../secrets/thor-libations-tskey.age;
+ owner = "root";
+ group = "root";
+ mode = "400";
+ };
+ };
+
+ systemd.services.libations = {
+ description = "Libations cocktail recipe viewer";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ environment = {
+ "XDG_CONFIG_HOME" = "/var/lib/libations/";
+ };
+ serviceConfig = {
+ DynamicUser = true;
+ ExecStart = "${libations}/bin/libations";
+ Restart = "always";
+ EnvironmentFile = config.age.secrets.libations-auth-key.path;
+ StateDirectory = "libations";
+ StateDirectoryMode = "0750";
+ };
+ };
+}
+
diff --git a/host/thor/extra.nix b/host/thor/extra.nix
index 4cfab90a..ce1f307f 100644
--- a/host/thor/extra.nix
+++ b/host/thor/extra.nix
@@ -2,6 +2,7 @@
 imports = [
 ../common/services/files.nix
 ../common/services/homepage.nix
+ ../common/services/libations.nix
 ../common/services/servarr.nix
 ../common/services/traefik
 ];
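Review bot: In host/common/services/libations.nix the `recipes` fetch at the top of the `let` block copies the private repository into the Nix store, and `postConfigure` then embeds `recipes.json` in the built binary. The store is world-readable, so the content is readable by every local user on the host, and it travels with the closure if that is ever pushed to a binary cache or copied to another machine. The existing comment covers the SSH key requirement but not this, so I would extend it with `# NOTE: the fetched recipes end up in the world-readable /nix/store and inside the binary; keep nothing secret in that repository.` Pinning `builtins.fetchGit` to a full commit id is good, but evaluation now depends on root's or the invoking user's SSH key being able to read that repository. A read-only deploy key scoped to that one repository would limit what the key grants if the build host is compromised.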
diff --git a/secrets/kara-borgbase-passphrase.age b/secrets/kara-borgbase-passphrase.age index 9be25dfa..069423b2 100644 --- a/secrets/kara-borgbase-passphrase.age +++ b/secrets/kara-borgbase-passphrase.age @@ -1,11 +1,9 @@ age-encryption.org/v1 --> ssh-ed25519 ASg3Sg CO2tcSK64VFwK1vMOZL+7iOe6FaZWkSaiqF0OqMR4io -WSFzYxoW4ng0QcXAr5/jPBTeLO/Y4k16ubVL+h09nTE --> ssh-ed25519 6up9ZQ 7cIIIsfocgAU8zzUPhp1WCjjY8rasUUrFeH9j/gKExc -7a7sgE8NdKyvWb68RgVNppAfUShrTrsqa/cxvs83g9M --> W~_#-grease e0Jt_% 9c=-ZICy ^A27 _X%DC -ZzXuwWsQTw0mvi1iXdZH0Hd8V8aJT86mqa6ehpbQ6nzsJOMZRPdGe4P9BF18E5mX -ODT59MAJ/W37y/JxXNNY+0QN6erT ---- GztYtmM4sxrUxwzazX/RI3p8OGC7kelqgvnBpHycM/Y -}%pSB)%poz,iϛ5d86D]TjY胲 -Zri Vp+a$]61 \ No newline at end of file +-> ssh-ed25519 ASg3Sg +pewBTfRJ8UR497QKTusEkqhHphK94AQW4tHD30Crwo +4CctckWgtukTL1yrX/9R+fOXz/w+lco8wcbp8d6h2PU +-> ssh-ed25519 6up9ZQ TNDeFCu/3FzVPX9u0GvzhG3Y37z0I0v8BnuQ7RTHTnU +XGbf/hNhHIEZsoGUjVfbc6NmoZr05q5fnI6juN/d52o +-> srSd-grease "U *&"yT JS+MW kl)A +4JBYxJdv6JIxPCZ3NScvhgF7DuCLEVXlQuFNFey3qsPxvcKTNNq9Ag +--- ivkPurGWx/wV+7P1o3lJKu0o+jVvbLNBQ8e4udH6PeM +4Tl.]oDrQ򺛸A`3kVq,/>}u=a)H ZwN>6^A~9 \ No newline at end of file diff --git a/secrets/kara-borgbase-ssh.age b/secrets/kara-borgbase-ssh.age index a0d9c3e3..6ef0592a 100644 Binary files a/secrets/kara-borgbase-ssh.age and b/secrets/kara-borgbase-ssh.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 7d7f3d86..3a7c1347 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -11,4 +11,5 @@ in "thor-digitalocean.age".publicKeys = users ++ [ thor ]; "thor-borgbase-ssh.age".publicKeys = users ++ [ thor ]; "thor-borgbase-passphrase.age".publicKeys = users ++ [ thor ]; + "thor-libations-tskey.age".publicKeys = users ++ [ thor ]; } diff --git a/secrets/thor-borgbase-passphrase.age b/secrets/thor-borgbase-passphrase.age index 2703d957..a0cb0034 100644 Binary files a/secrets/thor-borgbase-passphrase.age and b/secrets/thor-borgbase-passphrase.age differ 
diff --git a/secrets/thor-borgbase-ssh.age b/secrets/thor-borgbase-ssh.age index ed578bcb..f3f510df 100644 Binary files a/secrets/thor-borgbase-ssh.age and b/secrets/thor-borgbase-ssh.age differ diff --git a/secrets/thor-digitalocean.age b/secrets/thor-digitalocean.age index e5d5e875..acfc8088 100644 --- a/secrets/thor-digitalocean.age +++ b/secrets/thor-digitalocean.age @@ -1,9 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 ASg3Sg GUU7pEN/08zLJEZcZ2KNLXlO3j4V+zH3yvCZKgmuaV0 -scttI3tiRqjqTrQOt95NMD+0CNqj2WSCCyV0hJ9IpgQ --> ssh-ed25519 HTYk+g IpBlhhEL6rIFl5gFMCP7icaOjt5VYjl+2w5icKhOEEM -ofZM6NXDJg1SBmoTkln8E1Zi5wzNjCuO38pXl4ZX5Y8 --> h-grease g8IhTVps 2+>Y@^;2 ,NyPdN Q[.F|9X* -zSwCpOrQ89FL ---- RIurRnXPMXrmFaxQR91pTQbQL6jlPt3bmnxAHCQmSkU -6B 'qP/_(ο3IXL6p_pwg9ހرJA1Kdq#J.JJgwQ; \ No newline at end of file +-> ssh-ed25519 ASg3Sg fdfEEB6h2PjTUtQHeOYDOM9YdwF+Y5FEHHJokfXOjxE +b59xNlXGYPlA3bK1QQfJUPdIlXyOfHgQL9KHqFRCnmM +-> ssh-ed25519 HTYk+g whfs99yVZW4up2KKLxr+5C6X8KCX3EXr1nXtWB3qm1Y +fzm34J5FM3DbZXmi3J9nU/J0jtFODOcL3143bjWmk0M +-> =`X-grease +mLWLA+xSfPIk11wV +--- +qq22jL9+Mbqxvb5jnocqRpXi4nTbvZOay9fe1qVZ7c +BQNݻN*v5Q]Ө63~gKO/EH߱cnfeqK;*RVK44! +I< \ No newline at end of file diff --git a/secrets/thor-libations-tskey.age b/secrets/thor-libations-tskey.age new file mode 100644 index 00000000..be94c0b1 --- /dev/null +++ b/secrets/thor-libations-tskey.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 ASg3Sg bReKHI4P9ExPaNVwFf9bj2J0mibldAVXXxx1XgAYRTg +OXuT3+puMZ86Zetd2oFLbPG01OoXNw49THoaOYz8v/w +-> ssh-ed25519 HTYk+g QHATIVHm5m9b+h1OuwX7T8yrTdl2l4Ql72UqlhXHdSE +b2nhm96JVs1n3aPsGYsbwS2d32ew/l2FTco+1RrhWMY +-> MHcgU7A-grease 9ciM^Qo P !|/ ^u3cjI)s +B4QLsVaiadaDq1BQ3F6F/E8u2Q5pnbzfZI3+TZh4Lb8XLD1eyFXd1gVASas2zcbu +ObCUE6rDuja0Iv/5mSHGeEIT9QRNGRRn8yPh8mQ +--- egNnJzgr/dfEa04oSc+/YvigU8h8GRzD+ZenEhf+CbA +^HYª7^aY~8gRa){ed> lViƻWmXLfst?sp,< P,~gQDЯrY \ No newline at end of file