diff --git a/configs/sterni/configuration.nix b/configs/sterni/configuration.nix
index dc0e739..0018434 100644
--- a/configs/sterni/configuration.nix
+++ b/configs/sterni/configuration.nix
@@ -18,6 +18,22 @@
 
   system.custom.wifi.interfaces = [ "wlp3s0" ];
 
+  on-failure = {
+    url = lib.fileContents <common_secrets/mattermost_sink_url>;
+    enable = true;
+    plans = {
+      tinc_private.name = "tinc.private";
+      tinc_retiolum.name = "tinc.retiolum";
+      sshd.name = "sshd";
+      tor.name = "tor";
+      dnsmasq.name = "dnsmasq";
+      backup_on_workhorse.name = "backup.on-workhorse.private";
+      backup_on_workout.name = "backup.on-workout.private";
+      backup_on_porani.name = "backup.on-porani.private";
+      syncthing.name = "syncthing";
+    };
+  };
+
   security.wrappers = {
     pmount.source = "${pkgs.pmount}/bin/pmount";
     pumount.source = "${pkgs.pmount}/bin/pumount";
diff --git a/modules/default.nix b/modules/default.nix
index fcc351d..3937431 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -39,6 +39,7 @@
     ./system/permown.nix
     ./system/wifi.nix
     ./system/x11.nix
+    ./system/on-failure.nix
 
   ];
 }
diff --git a/modules/system/on-failure.nix b/modules/system/on-failure.nix
new file mode 100644
index 0000000..bb817ad
--- /dev/null
+++ b/modules/system/on-failure.nix
@@ -0,0 +1,65 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+
+  cfg = config.on-failure;
+
+  api = {
+
+    enable = mkEnableOption "krebs.on-failure" // {
+      default = cfg.plans != { };
+    };
+
+    url = mkOption {
+      type = types.str;
+      description = "url on where to send the message to";
+    };
+
+    plans = mkOption {
+      default = { };
+      type = with types;
+        attrsOf (submodule ({ config, ... }: {
+          options = {
+            enable = mkEnableOption "on-failure.${config.name}" // {
+              default = true;
+            };
+            name = mkOption {
+              type = types.str;
+              default = config._module.args.name;
+              description = "Name of the to-be-monitored service.";
+            };
+          };
+        }));
+    };
+  };
+
+  enabled-plans = filter (getAttr "enable") (attrValues cfg.plans);
+
+  to-services = plan: {
+    "${plan.name}".unitConfig.OnFailure = "on-failure.${plan.name}.service";
+    "on-failure.${plan.name}".serviceConfig = rec {
+      ExecStart = mattermostStart plan;
+      SyslogIdentifier = ExecStart.name;
+      Type = "oneshot";
+    };
+  };
+
+  # todo this output must be better
+  mattermostStart = plan:
+    pkgs.writeDash "on-failure.${plan.name}" ''
+      ${pkgs.curl}/bin/curl \
+      --include \
+      --request POST \
+      --data-urlencode \
+      'payload={"text": "Service Failed ${plan.name}"}' \
+      ${cfg.url}
+    '';
+
+in {
+
+  options.on-failure = api;
+
+  config = lib.mkIf cfg.enable {
+    systemd.services = foldl (a: b: a // b) { } (map to-services enabled-plans);
+  };
+}