diff --git a/README.md b/README.md
index 6a4192e..61311be 100644
--- a/README.md
+++ b/README.md
@@ -14,3 +14,37 @@ nix --extra-experimental-features "nix-command flakes" build ".#nixosConfigurati
 ```
 nixos-rebuild switch --update-input nixpkgs --update-input unstable --no-write-lock-file --refresh --flake github+felixalbrigtsen/nixos-server-conf.git --upgrade
 ```
+
+# Services and tools
+
+Below is a list of _most_ of the services configured in this repo, at least the ones that are accessible to the public.
+It might be incomplete or out of date, but should generally describe the state of my homelab.
+Other installed packages and tools are described in the config files (like ./hosts/HOSTNAME/configuration.nix), but not listed here.
+
+## Public / important services
+
+- Matrix ([source](./hosts/defiant/services/matrix/default.nix)) - Decentralized, encrypted chat - Contact me at @felixalb:feal.no
+- [Nextcloud](https://cloud.feal.no) ([source](./hosts/voyager/services/nextcloud.nix)) - Personal cloud services and "google replacements", including file hosting, notes, calendar and webmail
+- [Gitea](https://git.feal.no) ([source](./hosts/defiant/services/gitea.nix)) - Software forge / git server
+- [Hedgedoc](https://md.feal.no) ([source](./hosts/defiant/services/hedgedoc.nix)) - Collaborative markdown notes editor
+- HomeAssistant ([source](./hosts/defiant/services/home-assistant.nix))- Home automation / IOT controller
+- [VaultWarden](https://pw.feal.no) ([source](./hosts/defiant/services/vaultwarden.nix)) - BitWarden Password Manager backend
+- [Kanidm](https://auth.feal.no) ([source](./hosts/voyager/services/kanidm.nix)) - Authentication provider with support for OAuth2/OIDC, LDAPS, SSH, etc.
+- [Jellyfin](https://jf.feal.no) ([source](./hosts/voyager/services/jellyfin.nix)) - Local media streaming
+
+## Networking
+
+- I use *nginx* as a web server and reverse proxy. The configuration is mostly distributed throughout the services that use it ([example](https://git.feal.no/felixalb/nixos-config/src/commit/3a05681d10a6999f73cbef59c3999742b81947a6/hosts/defiant/services/hedgedoc.nix#L98)).
+- I recently switched from Tailscale(actually [headscale](https://github.com/juanfont/headscale)) to *WireGuard*, configured [here](./hosts/defiant/services/wireguard.nix) and [here](./hosts/burnham/services/wireguard.nix).
+- PiHole ([source](./hosts/defiant/services/pihole.nix)) run my internal DNS (\*.home.feal.no) and ad blocking.
+
+## Monitoring
+
+- Prometheus ([source](./hosts/defiant/services/metrics/prometheus.nix)) - Pull-based metrics system that fetches metrics over HTTP from a range of exporters and stores them in a time-series database
+- Loki ([source](./hosts/defiant/services/metrics/loki.nix)) - Central logging for all my hosts
+- Grafana ([source](./hosts/defiant/services/metrics/grafana.nix)) - Visualization and alerting for all my metrics and logs
+
+## Dotfiles and user tools
+
+- (Neo)vim ([source](./home/neovim.nix)) - Text editor with my configuration for IDE-like support for autocompletion, syntax highlighting and efficient editing.
+- Zsh ([source](./home/zsh.nix)) - My shell of choice