diff --git a/newinfra/nix/hive.nix b/newinfra/nix/hive.nix
index a838e3c..d9e66a3 100644
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@@ -14,6 +14,8 @@
       blog = fetchTarball "https://github.com/Noratrieb/nilstrieb.github.io/archive/8162ce0cff29f940507032be6b0692290d73594c.tar.gz";
       slides = fetchTarball "https://github.com/Noratrieb/slides/archive/0401f35c22b124b69447655f0c537badae9e223c.tar.gz";
 
+      pretense = import (fetchTarball "https://github.com/Noratrieb/pretense/archive/270b01fc1118dfd713c1c41530d1a7d98f04527d.tar.gz");
+
       networkingConfig = {
         dns1 = {
           publicIPv4 = "154.38.163.74";
diff --git a/newinfra/nix/modules/default/default.nix b/newinfra/nix/modules/default/default.nix
index ca42e2b..e4139cc 100644
--- a/newinfra/nix/modules/default/default.nix
+++ b/newinfra/nix/modules/default/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, config, name, ... }: {
+{ pkgs, lib, config, name, pretense, ... }: {
   deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";
 
   imports = [
@@ -35,9 +35,28 @@
   };
   system.nixos.distroName = "NixOS (gay 🏳️‍⚧️)";
 
+  systemd.services.pretense = {
+    description = "pretense connection logger";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    serviceConfig = {
+      DynamicUser = true;
+      ExecStart = "${lib.getExe (pretense {inherit pkgs;})}";
+      AmbientCapabilities = "CAP_NET_BIND_SERVICE";
+      Environment = [
+        "PRETENSE_PORTS=23"
+        "PRETENSE_METRICS_PORT=9150"
+      ];
+    };
+  };
+  networking.firewall.allowedTCPPorts = [ 23 ];
+
   # monitoring
 
-  networking.firewall.interfaces.wg0.allowedTCPPorts = [ 9100 ];
+  networking.firewall.interfaces.wg0.allowedTCPPorts = [
+    9100 # node exporter
+    9150 # pretense exporter
+  ];
   services.prometheus.exporters = {
     node = {
       enable = true;
diff --git a/newinfra/nix/modules/prometheus/default.nix b/newinfra/nix/modules/prometheus/default.nix
index f47664a..18ce407 100644
--- a/newinfra/nix/modules/prometheus/default.nix
+++ b/newinfra/nix/modules/prometheus/default.nix
@@ -51,6 +51,17 @@
           { targets = [ "dns2.local:9433" ]; }
         ];
       }
+      {
+        job_name = "pretense";
+        static_configs = [
+          { targets = [ "dns1.local:9150" ]; }
+          { targets = [ "dns2.local:9150" ]; }
+          { targets = [ "vps1.local:9150" ]; }
+          { targets = [ "vps3.local:9150" ]; }
+          { targets = [ "vps4.local:9150" ]; }
+          { targets = [ "vps5.local:9150" ]; }
+        ];
+      }
     ];
   };