diff --git a/hosts/c3d2-web/default.nix b/hosts/c3d2-web/default.nix
index 41caf0a0..10e7fb41 100644
--- a/hosts/c3d2-web/default.nix
+++ b/hosts/c3d2-web/default.nix
@@ -16,6 +16,8 @@ in
 # Network setup
 networking.hostName = "c3d2-web";
 networking.firewall.allowedTCPPorts = [
+ # telme10
+ 23
 # http/https
 80 443
 # gemini
@@ -112,6 +114,15 @@ in
 contentDir = geminiRoot;
 language = "de";
 };
+
+ systemd.packages = with pkgs; [ telme10 ];
+
+ systemd.services.telme10 = {
+ serviceConfig = {
+ AmbientCapabilities="CAP_NET_BIND_SERVICE";
+ };
+ };
+
 # let agate access the tls certs
 systemd.services.agate = {
 requires = [ "agate-keys.service" ];
@@ -150,6 +161,12 @@ in
 home = "/var/lib/c3d2-web";
 };
+ users.groups.telme10 = {};
+ users.users.telme10 = {
+ isSystemUser = true;
+ group = "telme10";
+ };
+
 systemd.tmpfiles.rules = with config.users.users.c3d2-web; [
 "d ${webroot}/c3d2 0755 c3d2-web ${group} -"
 "d ${webroot}/log 0755 c3d2-web ${group} -"
diff --git a/overlays/default.nix b/overlays/default.nix
index a734f614..2ded9bf2 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -92,6 +92,8 @@ with final; {
 simpleygggen-cpp = callPackage ./simpleygggen.nix { };
+ telme10 = callPackage ./telme10.nix { };
+
 tracer-game =
 if true
 then throw "tracer-game: haddock runs on affection for 10 hours and more"
diff --git a/overlays/telme10.nix b/overlays/telme10.nix
new file mode 100644
index 00000000..d9e83d91
--- /dev/null
+++ b/overlays/telme10.nix
@@ -0,0 +1,21 @@
+{ stdenv
+, buildGoModule
+, fetchFromGitHub
+}:
+
+buildGoModule {
+ pname = "telmet10";
+ version = "unstable";
+
+ src = fetchFromGitHub {
+ owner = "c3d2";
+ repo = "telmet10";
+ rev = "5962266909bada6993a500ecce8707ec486d4cc0";
+ sha256 = "";
+ };
+
+ postInstall = ''
+ install -t $out/etc/systemd/system telme10.service
+ install -t $out/etc/systemd/system telme10.socket
+ '';
+}
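Review bot: The `# telme10` comment on the new `23` entry in `networking.firewall.allowedTCPPorts` does not record that this opens the telnet port on every interface of the web host. Port 23 is plaintext and heavily scanned, so the next maintainer needs to know what listens there and that the exposure is intended. Assuming the service is meant to be public and offers no shell, a comment such as `# telme10: public telnet listener (plaintext, no login shell behind it)` would say so. If it only needs to be reachable from particular networks, `networking.firewall.interfaces.<name>.allowedTCPPorts` would keep it off the rest. The list itself continues outside this hunk.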
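Review bot: The `systemd.services.telme10` override grants `CAP_NET_BIND_SERVICE` but adds no sandboxing for a daemon that will accept internet connections on port 23, and nothing visible in this hunk enables the unit. Units pulled in through `systemd.packages` are not started on NixOS unless something sets `wantedBy`, for example `systemd.sockets.telme10.wantedBy = [ "sockets.target" ];`. If the packaged `telme10.socket` performs the bind, the ambient capability may not be needed at all. The upstream unit file is not shown here, so confirm it runs as the `telme10` user created later in this file, because ambient capabilities only matter for a non-root account. A bounded capability set plus the usual filesystem protections would limit what a bug in the listener can reach, as sketched below.

```nix
  systemd.services.telme10 = {
    serviceConfig = {
      AmbientCapabilities = "CAP_NET_BIND_SERVICE";
      # Internet-facing listener: cap privileges and narrow the filesystem view.
      CapabilityBoundingSet = "CAP_NET_BIND_SERVICE";
      NoNewPrivileges = true;
      ProtectSystem = "strict";
      ProtectHome = true;
      PrivateTmp = true;
      PrivateDevices = true;
    };
  };
```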
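Review bot: In `overlays/telme10.nix` the `fetchFromGitHub` call is committed with `sha256 = "";`, so the fetched source has no content hash to be checked against and the derivation will not build as written. The `rev` is a full commit id, which is good, but the fixed-output hash is what verifies the tarball; fill it in with the value reported by the first failed build, e.g. `hash = "sha256-<value reported by nix>";`. `buildGoModule` also expects a vendor hash (`vendorHash`, or `vendorSha256` on older nixpkgs), and none is set here. Two smaller points: the `stdenv` argument is unused, and `pname = "telmet10"` differs from the `telme10` attribute and unit names, which is worth a one-line comment if it is intentional.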