diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 7e7d18f9bea..a814845413d 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -1168,6 +1168,7 @@
   ./services/web-apps/moodle.nix
   ./services/web-apps/netbox.nix
   ./services/web-apps/nextcloud.nix
+  ./services/web-apps/nextcloud-notify_push.nix
   ./services/web-apps/nexus.nix
   ./services/web-apps/nifi.nix
   ./services/web-apps/node-red.nix
diff --git a/nixos/modules/services/web-apps/nextcloud-notify_push.nix b/nixos/modules/services/web-apps/nextcloud-notify_push.nix
new file mode 100644
index 00000000000..e36631b6093
--- /dev/null
+++ b/nixos/modules/services/web-apps/nextcloud-notify_push.nix
@@ -0,0 +1,96 @@
+{ config, options, lib, pkgs, ... }:
+
+let
+  cfg = config.services.nextcloud.notify_push;
+in
+{
+  options.services.nextcloud.notify_push = {
+    enable = lib.mkEnableOption (lib.mdDoc "Notify push");
+
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.nextcloud-notify_push;
+      defaultText = lib.literalMD "pkgs.nextcloud-notify_push";
+      description = lib.mdDoc "Which package to use for notify_push";
+    };
+
+    socketPath = lib.mkOption {
+      type = lib.types.str;
+      default = "/run/nextcloud-notify_push/sock";
+      description = lib.mdDoc "Socket path to use for notify_push";
+    };
+
+    logLevel = lib.mkOption {
+      type = lib.types.enum [ "error" "warn" "info" "debug" "trace" ];
+      default = "error";
+      description = lib.mdDoc "Log level";
+    };
+  } // (
+    lib.genAttrs [
+      "dbtype"
+      "dbname"
+      "dbuser"
+      "dbpassFile"
+      "dbhost"
+      "dbport"
+      "dbtableprefix"
+    ] (
+      opt: options.services.nextcloud.config.${opt} // {
+        default = config.services.nextcloud.config.${opt};
+        defaultText = "config.services.nextcloud.config.${opt}";
+      }
+    )
+  );
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.nextcloud-notify_push = let
+      nextcloudUrl = "http${lib.optionalString config.services.nextcloud.https "s"}://${config.services.nextcloud.hostName}";
+    in {
+      description = "Push daemon for Nextcloud clients";
+      documentation = [ "https://github.com/nextcloud/notify_push" ];
+      after = [ "phpfpm-nextcloud.service" ];
+      wantedBy = [ "multi-user.target" ];
+      environment = {
+        NEXTCLOUD_URL = nextcloudUrl;
+        SOCKET_PATH = cfg.socketPath;
+        DATABASE_PREFIX = cfg.dbtableprefix;
+        LOG = cfg.logLevel;
+      };
+      postStart = ''
+        ${config.services.nextcloud.occ}/bin/nextcloud-occ notify_push:setup ${nextcloudUrl}/push
+      '';
+      script = let
+        dbType = if cfg.dbtype == "pgsql" then "postgresql" else cfg.dbtype;
+        dbUser = lib.optionalString (cfg.dbuser != null) cfg.dbuser;
+        dbPass = lib.optionalString (cfg.dbpassFile != null) ":$DATABASE_PASSWORD";
+        isSocket = lib.hasPrefix "/" (toString cfg.dbhost);
+        dbHost = lib.optionalString (cfg.dbhost != null) (if
+          isSocket then
+            if dbType == "postgresql" then "?host=${cfg.dbhost}" else
+            if dbType == "mysql" then "?socket=${cfg.dbhost}" else throw "unsupported dbtype"
+          else
+            "@${cfg.dbhost}");
+        dbName = lib.optionalString (cfg.dbname != null) "/${cfg.dbname}";
+        dbUrl = "${dbType}://${dbUser}${dbPass}${lib.optionalString (!isSocket) dbHost}${dbName}${lib.optionalString isSocket dbHost}";
+      in lib.optionalString (dbPass != "") ''
+        export DATABASE_PASSWORD="$(<"${cfg.dbpassFile}")"
+      '' + ''
+        export DATABASE_URL="${dbUrl}"
+        ${cfg.package}/bin/notify_push --glob-config '${config.services.nextcloud.datadir}/config/config.php'
+      '';
+      serviceConfig = {
+        User = "nextcloud";
+        Group = "nextcloud";
+        RuntimeDirectory = [ "nextcloud-notify_push" ];
+        Restart = "on-failure";
+        RestartSec = "5s";
+      };
+    };
+
+    services.nginx.virtualHosts.${config.services.nextcloud.hostName}.locations."^~ /push/" = {
+      proxyPass = "http://unix:${cfg.socketPath}";
+      proxyWebsockets = true;
+      recommendedProxySettings = true;
+    };
+  };
+}
diff --git a/nixos/tests/nextcloud/with-postgresql-and-redis.nix b/nixos/tests/nextcloud/with-postgresql-and-redis.nix
index 1ef848cfb12..d28c1bdfd6e 100644
--- a/nixos/tests/nextcloud/with-postgresql-and-redis.nix
+++ b/nixos/tests/nextcloud/with-postgresql-and-redis.nix
@@ -13,7 +13,7 @@ in {
     # The only thing the client needs to do is download a file.
     client = { ... }: {};
 
-    nextcloud = { config, pkgs, ... }: {
+    nextcloud = { config, pkgs, lib, ... }: {
       networking.firewall.allowedTCPPorts = [ 80 ];
 
       services.nextcloud = {
@@ -34,6 +34,15 @@ in {
           adminpassFile = toString (pkgs.writeText "admin-pass-file" ''
             ${adminpass}
           '');
+          trustedProxies = [ "::1" ];
+        };
+        notify_push = {
+          enable = true;
+          logLevel = "debug";
+        };
+        extraAppsEnable = true;
+        extraApps = {
+          inherit (pkgs."nextcloud${lib.versions.major config.services.nextcloud.package.version}Packages".apps) notify_push;
         };
       };
 
@@ -94,8 +103,10 @@ in {
         "${withRcloneEnv} ${copySharedFile}"
     )
     client.wait_for_unit("multi-user.target")
+    client.execute("${pkgs.nextcloud-notify_push.passthru.test_client}/bin/test_client http://nextcloud ${adminuser} ${adminpass} >&2 &")
     client.succeed(
         "${withRcloneEnv} ${diffSharedFile}"
     )
+    nextcloud.wait_until_succeeds("journalctl -u nextcloud-notify_push | grep -q \"Sending ping to ${adminuser}\"")
   '';
 })) args
diff --git a/pkgs/servers/nextcloud/notify_push.nix b/pkgs/servers/nextcloud/notify_push.nix
new file mode 100644
index 00000000000..737e5d7deba
--- /dev/null
+++ b/pkgs/servers/nextcloud/notify_push.nix
@@ -0,0 +1,41 @@
+{ lib, fetchFromGitHub, fetchpatch, rustPlatform }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "notify_push";
+  version = "0.5.0";
+
+  src = fetchFromGitHub {
+    owner = "nextcloud";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-LkC2mD3klMQRF3z5QuVPcRHzz33VJP+UcN6LxsQXq7Q=";
+  };
+
+  cargoHash = "sha256-GZikXM3AvhC2gtwE2wYbGV+aRV+QKothWQG17Vzi2Lc=";
+
+  passthru = {
+    test_client = rustPlatform.buildRustPackage {
+      pname = "${pname}-test_client";
+      inherit src version;
+
+      cargoPatches = [
+        # fix test client not being able to connect
+        (fetchpatch {
+          url = "https://github.com/nextcloud/notify_push/commit/03aa38d917bfcba4d07f72b6aedac6a5057cad81.patch";
+          hash = "sha256-dcN62tA05HH1RTvG0puonJjKMQn1EouA8iuz82vh2aU=";
+        })
+      ];
+
+      buildAndTestSubdir = "test_client";
+
+      cargoHash = "sha256-RALqjI6DlWmfgKvyaH4RiSyqWsIqUyY9f709hOi2ldc=";
+    };
+  };
+
+  meta = with lib; {
+    description = "Update notifications for nextcloud clients";
+    homepage = "https://github.com/nextcloud/notify_push";
+    license = licenses.agpl3Plus;
+    maintainers = with maintainers; [ ajs124 ];
+  };
+}
diff --git a/pkgs/servers/nextcloud/packages/24.json b/pkgs/servers/nextcloud/packages/24.json
index b0439db114a..8dc5d7cbf99 100644
--- a/pkgs/servers/nextcloud/packages/24.json
+++ b/pkgs/servers/nextcloud/packages/24.json
@@ -129,6 +129,16 @@
       "agpl"
     ]
   },
+  "notify_push": {
+    "sha256": "1raxkzdcd9mixg30ifv22lzf10j47n79n05yqbf6mjagrgj0rr7f",
+    "url": "https://github.com/nextcloud/notify_push/releases/download/v0.5.0/notify_push.tar.gz",
+    "version": "0.5.0",
+    "description": "Push update support for desktop app.\n\nOnce the app is installed, the push binary needs to be setup. You can either use the setup wizard with `occ notify_push:setup` or see the [README](http://github.com/nextcloud/notify_push) for detailed setup instructions",
+    "homepage": "",
+    "licenses": [
+      "agpl"
+    ]
+  },
   "onlyoffice": {
     "sha256": "6117b7b8c5c7133975e4ebf482814cdcd3f94a1b3c76ea1b5eed47bdd1fbfcbb",
     "url": "https://github.com/ONLYOFFICE/onlyoffice-nextcloud/releases/download/v7.5.8/onlyoffice.tar.gz",
diff --git a/pkgs/servers/nextcloud/packages/25.json b/pkgs/servers/nextcloud/packages/25.json
index 43ff7d5b6d6..60282475f0f 100644
--- a/pkgs/servers/nextcloud/packages/25.json
+++ b/pkgs/servers/nextcloud/packages/25.json
@@ -109,6 +109,16 @@
       "agpl"
     ]
   },
+  "notify_push": {
+    "sha256": "1raxkzdcd9mixg30ifv22lzf10j47n79n05yqbf6mjagrgj0rr7f",
+    "url": "https://github.com/nextcloud/notify_push/releases/download/v0.5.0/notify_push.tar.gz",
+    "version": "0.5.0",
+    "description": "Push update support for desktop app.\n\nOnce the app is installed, the push binary needs to be setup. You can either use the setup wizard with `occ notify_push:setup` or see the [README](http://github.com/nextcloud/notify_push) for detailed setup instructions",
+    "homepage": "",
+    "licenses": [
+      "agpl"
+    ]
+  },
   "onlyoffice": {
     "sha256": "0gy4n86q7b5qmy609ncibp94v1b3z9msc0129572qz2zyxfqxq3i",
     "url": "https://github.com/ONLYOFFICE/onlyoffice-nextcloud/releases/download/v7.6.8/onlyoffice.tar.gz",
diff --git a/pkgs/servers/nextcloud/packages/nextcloud-apps.json b/pkgs/servers/nextcloud/packages/nextcloud-apps.json
index a8375789023..ba55e92332c 100644
--- a/pkgs/servers/nextcloud/packages/nextcloud-apps.json
+++ b/pkgs/servers/nextcloud/packages/nextcloud-apps.json
@@ -12,6 +12,7 @@
 , "mail"
 , "news"
 , "notes"
+, "notify_push"
 , "onlyoffice"
 , "polls"
 , "registration"
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 3bd4b477b35..0a959411c65 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -10144,6 +10144,8 @@ with pkgs;
 
   nextcloud-news-updater = callPackage ../servers/nextcloud/news-updater.nix { };
 
+  nextcloud-notify_push = callPackage ../servers/nextcloud/notify_push.nix { };
+
   ndstool = callPackage ../tools/archivers/ndstool { };
 
   nfs-ganesha = callPackage ../servers/nfs-ganesha { };