diff --git a/docs/wiki/examples/example-1/index.md b/docs/wiki/examples/example-1/index.md index 97f9ac5..50ee5a3 100644 --- a/docs/wiki/examples/example-1/index.md +++ b/docs/wiki/examples/example-1/index.md @@ -49,6 +49,6 @@ This example does the following: radarr.enable = true; readarr.enable = true; sonarr.enable = true; + jellyseerr.enable = true; }; ``` - diff --git a/docs/wiki/examples/example-2/index.md b/docs/wiki/examples/example-2/index.md index 49e44f9..d1ebeba 100644 --- a/docs/wiki/examples/example-2/index.md +++ b/docs/wiki/examples/example-2/index.md @@ -51,6 +51,7 @@ example does the following: prowlarr.enable = true; readarr.enable = true; lidarr.enable = true; + jellyseerr.enable = true; }; # The `openssh.vpn.enable` option does not enable openssh, so we do that here: diff --git a/nixarr/default.nix b/nixarr/default.nix index 7d1d20a..6123b5a 100644 --- a/nixarr/default.nix +++ b/nixarr/default.nix @@ -49,6 +49,10 @@ with lib; let chown -R cross-seed:root "${cfg.transmission.privateTrackers.cross-seed.stateDir}" find "${cfg.transmission.privateTrackers.cross-seed.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) '' + + strings.optionalString cfg.jellyseer.enable '' + chown -R jellyseer:root "${cfg.jellyseer.stateDir}" + find "${cfg.jellyseer.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) + '' + strings.optionalString cfg.prowlarr.enable '' chown -R prowlarr:root "${cfg.prowlarr.stateDir}" find "${cfg.prowlarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) @@ -77,6 +81,7 @@ with lib; let in { imports = [ ./jellyfin + ./jellyseer ./bazarr ./ddns ./radarr @@ -115,6 +120,7 @@ in { The following services are supported: - [Jellyfin](#nixarr.jellyfin.enable) + - [Jellyseer](#nixarr.Jellyseer.enable) - [Bazarr](#nixarr.bazarr.enable) - [Lidarr](#nixarr.lidarr.enable) - [Prowlarr](#nixarr.prowlarr.enable) 
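Review bot: The block added to the permissions script in `nixarr/default.nix` reads `cfg.jellyseer.enable` and `cfg.jellyseer.stateDir` and chowns to `jellyseer:root`, but the module added in this commit defines `options.nixarr.jellyseerr` and sets `user = "jellyseerr"`. Presumably `cfg` is `config.nixarr` (the `let` binding starts outside the hunk), in which case the lookup fails at evaluation, and with the wrong user name the 0700/0600 tightening would never reach the service's state directory. The same misspelling is in the imports hunk (`./jellyseer`, while the new file is `nixarr/jellyseerr/default.nix`) and in the service-list link (`#nixarr.Jellyseer.enable`). Suggested spelling throughout: `strings.optionalString cfg.jellyseerr.enable`, `chown -R jellyseerr:root "${cfg.jellyseerr.stateDir}"`, `./jellyseerr`.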
diff --git a/nixarr/jellyseerr/default.nix b/nixarr/jellyseerr/default.nix
new file mode 100644
index 0000000..fbe57f1
--- /dev/null
+++ b/nixarr/jellyseerr/default.nix
@@ -0,0 +1,128 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
+ cfg = config.nixarr.jellyseerr;
+ defaultPort = 5055;
+ nixarr = config.nixarr;
+in {
+ options.nixarr.jellyseerr = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ example = true;
+ description = ''
+ Whether or not to enable the Jellyseerr service.
+
+ **Required options:** [`nixarr.enable`](#nixarr.enable)
+ '';
+ };
+
+ package = mkPackageOption pkgs "jellyseerr" {};
+
+ stateDir = mkOption {
+ type = types.path;
+ default = "${nixarr.stateDir}/jellyseerr";
+ defaultText = literalExpression ''"''${nixarr.stateDir}/jellyseerr"'';
+ example = "/nixarr/.state/jellyseerr";
+ description = ''
+ The location of the state directory for the Jellyseerr service.
+
+ > **Warning:** Setting this to any path, where the subpath is not
+ > owned by root, will fail! For example:
+ >
+ > ```nix
+ > stateDir = /home/user/nixarr/.state/Jellyseerr
+ > ```
+ >
+ > Is not supported, because `/home/user` is owned by `user`.
+ '';
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ defaultText = literalExpression ''!nixarr.jellyseerr.vpn.enable'';
+ default = !cfg.vpn.enable;
+ example = true;
+ description = "Open firewall for Jellyseerr";
+ };
+
+ vpn.enable = mkOption {
+ type = types.bool;
+ default = false;
+ example = true;
+ description = ''
+ **Required options:** [`nixarr.vpn.enable`](#nixarr.vpn.enable)
+
+ Route Jellyseerr traffic through the VPN.
+ '';
+ };
+ };
+
+ config = mkIf cfg.enable {
+ assertions = [
+ {
+ assertion = cfg.enable -> nixarr.enable;
+ message = ''
+ The nixarr.jellyseerr.enable option requires the
+ nixarr.enable option to be set, but it was not.
+ '';
+ }
+ {
+ assertion = cfg.vpn.enable -> nixarr.vpn.enable;
+ message = ''
+ The nixarr.jellyseerr.vpn.enable option requires the
+ nixarr.vpn.enable option to be set, but it was not.
+ '';
+ }
+ ];
+
+ services.jellyseerr = {
+ enable = cfg.enable;
+ package = cfg.package;
+ user = "jellyseerr";
+ group = "media";
+ };
+
+ # Enable and specify VPN namespace to confine service in.
+ systemd.services.jellyseerr.vpnConfinement = mkIf cfg.vpn.enable {
+ enable = true;
+ vpnNamespace = "wg";
+ };
+
+ # Port mappings
+ vpnNamespaces.wg = mkIf cfg.vpn.enable {
+ portMappings = [
+ {
+ from = defaultPort;
+ to = defaultPort;
+ }
+ ];
+ };
+
+ services.nginx = mkIf cfg.vpn.enable {
+ enable = true;
+
+ recommendedTlsSettings = true;
+ recommendedOptimisation = true;
+ recommendedGzipSettings = true;
+
+ virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = {
+ listen = [
+ {
+ addr = "0.0.0.0";
+ port = defaultPort;
+ }
+ ];
+ locations."/" = {
+ recommendedProxySettings = true;
+ proxyWebsockets = true;
+ proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
+ };
+ };
+ };
+ };
+}
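Review bot: `openFirewall` is declared (defaulting to `!cfg.vpn.enable`) but nothing in the `config` block reads it, so setting it to `false` or `true` has no effect on the firewall; `stateDir` is likewise never passed to the service in this file. Wire the option explicitly, for example `networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ defaultPort ];`, so that exposure of port 5055 follows the setting the user sees. In the VPN branch the nginx vhost listens on `0.0.0.0` and forwards plain HTTP to `192.168.15.1`, and the vhost itself configures no TLS even though `recommendedTlsSettings` is set. A short comment there, such as `# Reachable on every host interface, plain HTTP; front with TLS or restrict addr if exposed beyond the LAN`, would make that exposure explicit to operators.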