diff --git a/hosts/picard/calcom.nix b/hosts/picard/calcom.nix
new file mode 100644
index 00000000..d902aa91
--- /dev/null
+++ b/hosts/picard/calcom.nix
@@ -0,0 +1,35 @@
+{ config, pkgs, lib, ... }:
+{
+
+  users.users.calcom = {
+    group = "calcom";
+    shell = "${pkgs.bash}/bin/bash";
+    uid = 592;
+  };
+  users.groups.calcom = {
+    gid = config.users.users.calcom.uid;
+  };
+  virtualisation.oci-containers.containers."calcom" = {
+    image = "calcom/cal.com:latest";
+    ports = [ "127.0.0.1:8009:8008" ];
+    user = "${toString config.users.users.calcom.uid}:${toString config.users.groups.calcom.gid}";
+    volumes = [
+      "/run/postgresql:/run/postgresql"
+    ];
+    environmentFiles = [ config.age.secrets.picardCalCom.path ];
+    environment = {
+      DATABASE_URL = "postgresql://calcom:calcom@/run/postgresql";
+      NEXT_PUBLIC_WEBAPP_URL = "https://cal.xyno.systems";
+      CALCOM_TELEMETRY_DISABLED = 1;
+    };
+  };
+  services.postgresql = {
+    ensureDatabases = [ "calcom" ];
+    ensureUsers = [
+      {
+        name = "calcom";
+        ensureDBOwnership = true;
+      }
+    ];
+  };
+}
diff --git a/hosts/picard/default.nix b/hosts/picard/default.nix
index a656e977..f56a8673 100644
--- a/hosts/picard/default.nix
+++ b/hosts/picard/default.nix
@@ -11,6 +11,7 @@
       ./hardware-configuration.nix
       ./xynospace-matrix.nix
       ./plausible.nix
+      ./calcom.nix
     ];
 
   documentation.enable = false;
diff --git a/secrets/picardCalCom.age b/secrets/picardCalCom.age
new file mode 100644
index 00000000..255bc6ea
Binary files /dev/null and b/secrets/picardCalCom.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index e730d4ff..f28d88dd 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -36,6 +36,7 @@ in
   "nextcloudAdminPass.age".publicKeys = pubkeys.ragon.host "picard";
   "picardResticSSHKey.age".publicKeys = pubkeys.ragon.host "picard";
   "picardSlidingSyncSecret.age".publicKeys = pubkeys.ragon.host "picard";
+  "picardCalCom.age".publicKeys = pubkeys.ragon.host "picard";
   "picardResticPassword.age".publicKeys = pubkeys.ragon.host "picard";
   "picardResticHealthCheckUrl.age".publicKeys = pubkeys.ragon.host "picard";
   "desec.age".publicKeys = pubkeys.ragon.host "picard";