diff --git a/.pip-tools.toml b/.pip-tools.toml
new file mode 100644
index 00000000..c1f6c7ad
--- /dev/null
+++ b/.pip-tools.toml
@@ -0,0 +1,5 @@
+[tool.pip-tools]
+resolver = "backtracking"
+allow-unsafe = true
+strip-extras = true
+quiet = true
diff --git a/noxfile.py b/noxfile.py
index 08f690bd..dac7a7ae 100644
--- a/noxfile.py
+++ b/noxfile.py
@@ -1,9 +1,50 @@
+from pathlib import Path
+
 import nox
 
-@nox.session(python=["3.11"]) # The python version should match the readthedocs configuration.
+requirements_directory = Path("requirements").resolve()
+
+requirements_files = [
+    requirements_input_file_path.stem
+    for requirements_input_file_path in requirements_directory.glob("*.in")
+]
+
+
+@nox.session(name="pip-compile", python=["3.11"])
+@nox.parametrize(["req"], arg_values_list=requirements_files, ids=requirements_files)
+def pip_compile(session: nox.Session, req: str):
+    """Generate lock files from input files or upgrade packages in lock files."""
+    # fmt: off
+    session.install(
+      "-r", str(requirements_directory / "pip-tools.in"),
+      "-c", str(requirements_directory / "pip-tools.txt"),
+    )
+    # fmt: on
+
+    # Use --upgrade by default unless a user passes -P.
+    upgrade_related_cli_flags = ("-P", "--upgrade-package", "--no-upgrade")
+    has_upgrade_related_cli_flags = any(
+        arg.startswith(upgrade_related_cli_flags) for arg in session.posargs
+    )
+    injected_extra_cli_args = () if has_upgrade_related_cli_flags else ("--upgrade",)
+
+    session.run(
+        "pip-compile",
+        "--output-file",
+        str(requirements_directory / f"{req}.txt"),
+        *session.posargs,
+        *injected_extra_cli_args,
+        str(requirements_directory / f"{req}.in"),
+    )
+
+
+@nox.session(python=["3.11"])  # The python version should match the readthedocs configuration.
 def build(session: nox.Session):
+    """Generate HTML files for the Ansible docsite."""
+    # fmt: off
     session.install(
-      "-r", "requirements.in",
-      "-c", "requirements.txt",
+      "-r", str(requirements_directory / "requirements.in"),
+      "-c", str(requirements_directory / "requirements.txt"),
     )
+    # fmt: on
     session.run("python", "-I", "build.py", *session.posargs)
diff --git a/requirements/pip-tools.in b/requirements/pip-tools.in
new file mode 100644
index 00000000..ad6fdcbf
--- /dev/null
+++ b/requirements/pip-tools.in
@@ -0,0 +1 @@
+pip-tools >= 7 # .pip-tools.toml was introduced in v6.14
diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt
new file mode 100644
index 00000000..b8facf60
--- /dev/null
+++ b/requirements/pip-tools.txt
@@ -0,0 +1,26 @@
+#
+# This file is autogenerated by pip-compile with Python 3.11
+# by the following command:
+#
+#    pip-compile --allow-unsafe --output-file=requirements/pip-tools.txt --strip-extras requirements/pip-tools.in
+#
+build==1.0.3
+    # via pip-tools
+click==8.1.7
+    # via pip-tools
+packaging==23.2
+    # via build
+pip-tools==7.4.0
+    # via -r requirements/pip-tools.in
+pyproject-hooks==1.0.0
+    # via
+    #   build
+    #   pip-tools
+wheel==0.42.0
+    # via pip-tools
+
+# The following packages are considered to be unsafe in a requirements file:
+pip==24.0
+    # via pip-tools
+setuptools==69.1.1
+    # via pip-tools
diff --git a/requirements.in b/requirements/requirements.in
similarity index 100%
rename from requirements.in
rename to requirements/requirements.in
diff --git a/requirements.txt b/requirements/requirements.txt
similarity index 100%
rename from requirements.txt
rename to requirements/requirements.txt