diff --git a/nixos/doc/manual/release-notes/rl-2505.section.md b/nixos/doc/manual/release-notes/rl-2505.section.md
index 680d3ffb55be6..bb3d6b58e8e20 100644
--- a/nixos/doc/manual/release-notes/rl-2505.section.md
+++ b/nixos/doc/manual/release-notes/rl-2505.section.md
@@ -228,6 +228,10 @@
 
 - [CookCLI](https://cooklang.org/cli/) Server, a web UI for cooklang recipes.
 
+- [Prometheus eBPF Exporter](https://github.com/cloudflare/ebpf_exporter),
+  Prometheus exporter for custom eBPF metrics. Available as
+  [services.prometheus.exporters.ebpf](#opt-services.prometheus.exporters.ebpf.enable).
+
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
 
 ## Backward Incompatibilities {#sec-release-25.05-incompatibilities}
diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix
index 258d13e3c7c75..2adc59eefbef9 100644
--- a/nixos/modules/services/monitoring/prometheus/exporters.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters.nix
@@ -65,6 +65,7 @@ let
         "dnssec"
         "domain"
         "dovecot"
+        "ebpf"
         "fastly"
         "flow"
         "fritz"
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/ebpf.nix b/nixos/modules/services/monitoring/prometheus/exporters/ebpf.nix
new file mode 100644
index 0000000000000..8ccb6d21623bc
--- /dev/null
+++ b/nixos/modules/services/monitoring/prometheus/exporters/ebpf.nix
@@ -0,0 +1,49 @@
+{
+  config,
+  lib,
+  pkgs,
+  options,
+  ...
+}:
+
+let
+  cfg = config.services.prometheus.exporters.ebpf;
+  inherit (lib)
+    mkOption
+    types
+    concatStringsSep
+    ;
+in
+{
+  port = 9435;
+  extraOpts = {
+    names = mkOption {
+      type = types.listOf types.str;
+      default = [ ];
+      example = [ "timers" ];
+      description = ''
+        List of eBPF programs to load
+      '';
+    };
+  };
+  serviceOpts = {
+    serviceConfig = {
+      AmbientCapabilities = [
+        "CAP_BPF"
+        "CAP_DAC_READ_SEARCH"
+        "CAP_PERFMON"
+      ];
+      CapabilityBoundingSet = [
+        "CAP_BPF"
+        "CAP_DAC_READ_SEARCH"
+        "CAP_PERFMON"
+      ];
+      ExecStart = ''
+        ${pkgs.prometheus-ebpf-exporter}/bin/ebpf_exporter \
+        --config.dir=${pkgs.prometheus-ebpf-exporter}/examples \
+        --config.names=${concatStringsSep "," cfg.names} \
+        --web.listen-address ${cfg.listenAddress}:${toString cfg.port}
+      '';
+    };
+  };
+}
diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix
index 46b8d13364c61..ef356dbc7bb12 100644
--- a/nixos/tests/prometheus-exporters.nix
+++ b/nixos/tests/prometheus-exporters.nix
@@ -407,6 +407,20 @@ let
         '';
       };
 
+    ebpf = {
+      exporterConfig = {
+        enable = true;
+        names = [ "timers" ];
+      };
+      exporterTest = ''
+        wait_for_unit("prometheus-ebpf-exporter.service")
+        wait_for_open_port(9435)
+        succeed(
+            "curl -sSf http://localhost:9435/metrics | grep 'ebpf_exporter_enabled_configs{name=\"timers\"} 1'"
+        )
+      '';
+    };
+
     fastly = {
       exporterConfig = {
         enable = true;
diff --git a/pkgs/by-name/pr/prometheus-ebpf-exporter/package.nix b/pkgs/by-name/pr/prometheus-ebpf-exporter/package.nix
new file mode 100644
index 0000000000000..02d934714c8b6
--- /dev/null
+++ b/pkgs/by-name/pr/prometheus-ebpf-exporter/package.nix
@@ -0,0 +1,82 @@
+{
+  lib,
+  buildGoModule,
+  fetchFromGitHub,
+  nixosTests,
+  pkgs,
+  libbpf,
+  libelf,
+  libsystemtap,
+  libz,
+}:
+
+let
+  version = "2.4.2";
+  tag = "v${version}";
+in
+buildGoModule.override
+  {
+    stdenv = pkgs.clangStdenv;
+  }
+  {
+    name = "ebpf_exporter";
+
+    src = fetchFromGitHub {
+      inherit tag;
+      owner = "cloudflare";
+      repo = "ebpf_exporter";
+      hash = "sha256-gXzaMx9Z6LzrlDaQnagQIi183uKhJvdYiolYb8P+MIs=";
+    };
+
+    vendorHash = "sha256-GhQvPp8baw2l91OUOg+/lrG27P/D4Uzng8XevJf8Pj4=";
+
+    postPatch = ''
+      substituteInPlace examples/Makefile \
+        --replace-fail "-Wall -Werror" ""
+    '';
+
+    buildInputs = [
+      libbpf
+      libelf
+      libsystemtap
+      libz
+    ];
+
+    CGO_LDFLAGS = "-l bpf";
+
+    hardeningDisable = [ "zerocallusedregs" ];
+
+    # Tests fail on trying to access cgroups.
+    doCheck = false;
+
+    ldflags = [
+      "-s"
+      "-w"
+      "-X github.com/prometheus/common/version.Version=${version}"
+      "-X github.com/prometheus/common/version.Revision=${tag}"
+      "-X github.com/prometheus/common/version.Branch=unknown"
+      "-X github.com/prometheus/common/version.BuildUser=nix@nixpkgs"
+      "-X github.com/prometheus/common/version.BuildDate=unknown"
+    ];
+
+    postBuild = ''
+      BUILD_LIBBPF=0 make examples
+    '';
+
+    postInstall = ''
+      mkdir -p $out/examples
+      mv examples/*.o examples/*.yaml $out/examples
+    '';
+
+    passthru.tests = { inherit (nixosTests.prometheus-exporters) ebpf; };
+
+    meta = {
+      description = "Prometheus exporter for custom eBPF metrics";
+      mainProgram = "ebpf_exporter";
+      homepage = "https://github.com/cloudflare/ebpf_exporter";
+      changelog = "https://github.com/cloudflare/ebpf_exporter/releases/tag/v${tag}";
+      license = lib.licenses.mit;
+      maintainers = with lib.maintainers; [ jpds ];
+      platforms = lib.platforms.linux;
+    };
+  }