diff --git a/flake.nix b/flake.nix
index 74e6224..76a50a8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -10,9 +10,14 @@
     pkgsForEach = nixpkgs.legacyPackages;
   in {
     packages = forEachSystem (system: {
-      default = pkgsForEach.${system}.callPackage ./nix/package.nix {};
+      pscand = pkgsForEach.${system}.callPackage ./nix/package.nix {};
+      default = self.packages.${system}.pscand;
     });
 
+    nixosModules = {
+      pscand = import ./nix/modules/nixos.nix self;
+    };
+
     devShells = forEachSystem (system: {
       default = pkgsForEach.${system}.callPackage ./nix/shell.nix {};
     });
diff --git a/nix/modules/nixos.nix b/nix/modules/nixos.nix
new file mode 100644
index 0000000..7df3b81
--- /dev/null
+++ b/nix/modules/nixos.nix
@@ -0,0 +1,38 @@
+self: {
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  inherit (lib.modules) mkIf;
+  inherit (lib.options) mkOption mkEnableOption;
+  inherit (lib.types) package;
+
+  cfg = config.services.pscand;
+in {
+  options.services.pscand = {
+    enable = mkEnableOption "Pluggable System Condition Monitoring Daemon";
+    package = mkOption {
+      type = package;
+      default = self.packages.${pkgs.hostPlatform.system.pscand};
+      defaultText = "self.packages.$${pkgs.hostPlatform.system}.pscand";
+      description = "The pscand package to use";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.packages = [cfg.package];
+
+    systemd.services.pscand = {
+      wantedBy = ["multi-user.target"];
+      after = ["network.target"];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${cfg.package}/bin/pscand";
+        Restart = "on-failure";
+        RestartSec = "5s";
+        Environment = ["${cfg.package}/lib/pscand/scanners"]; # FIXME: make this configurable
+      };
+    };
+  };
+}
diff --git a/nix/package.nix b/nix/package.nix
new file mode 100644
index 0000000..003db21
--- /dev/null
+++ b/nix/package.nix
@@ -0,0 +1,54 @@
+{
+  lib,
+  rustPlatform,
+  makeWrapper,
+  ...
+}: let
+  pname = "pscand";
+  version = "0.1.0";
+  src = let
+    fs = lib.fileset;
+    s = ../.;
+  in
+    lib.cleanSourceWith {
+      src = fs.toSource {
+        root = s;
+        fileset = fs.unions [
+          (s + /crates)
+          (s + /scanners)
+          (s + /Cargo.lock)
+          (s + /Cargo.toml)
+        ];
+      };
+    };
+in
+  rustPlatform.buildRustPackage {
+    inherit pname version src;
+    cargoLock.lockFile = ../Cargo.lock;
+
+    nativeBuildInputs = [
+      makeWrapper
+    ];
+
+    postFixup = let
+      scannerDir = "${placeholder "out"}/lib/pscand/scanners";
+    in ''
+      mkdir -p ${scannerDir}
+      for scanner in scanners/**/target/release/*.so; do
+        if [ -f "$scanner" ]; then
+          install -Dm755 "$scanner" "${scannerDir}/$(basename "$scanner")"
+        fi
+      done
+
+      wrapProgram "$out/bin/pscand" \
+        --set PSCAND_SCANNER_DIRS "${scannerDir}"
+    '';
+
+    meta = {
+      description = "Pluggable System Condition Monitoring Daemon";
+      homepage = "https://github.com/notashelf/pscand";
+      license = lib.licenses.mpl20;
+      maintainers = with lib.maintainers; [NotAShelf];
+      platforms = lib.platforms.linux;
+    };
+  }
diff --git a/nix/shell.nix b/nix/shell.nix
index 3b1df12..d672b69 100644
--- a/nix/shell.nix
+++ b/nix/shell.nix
@@ -9,7 +9,7 @@
   rustPlatform,
 }:
 mkShell {
-  name = "rust";
+  name = "pscand";
 
   strictDeps = true;
   packages = [