diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..ccff189
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,65 @@
+{
+  "nodes": {
+    "naersk": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1671096816,
+        "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=",
+        "owner": "nix-community",
+        "repo": "naersk",
+        "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "master",
+        "repo": "naersk",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1671190014,
+        "narHash": "sha256-NW385LW4Nj53Hbv3LXr458s4NL2/wcARC8rzK7vSWkw=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fbcb61bd7eb19914cbd88789c3586a63ff46b72b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "naersk": "naersk",
+        "nixpkgs": "nixpkgs",
+        "utils": "utils"
+      }
+    },
+    "utils": {
+      "locked": {
+        "lastModified": 1667395993,
+        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..054e557
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,66 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+    utils.url = "github:numtide/flake-utils";
+    naersk = {
+      url = "github:nix-community/naersk/master";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, utils, naersk }:
+    let
+      inherit (nixpkgs) lib;
+      makeAlert2muc = pkgs:
+        let
+          naersk-lib = pkgs.callPackage naersk { };
+        in
+        naersk-lib.buildPackage {
+          pname = "alert2muc";
+          root = ./.;
+          nativeBuildInputs = with pkgs; [ pkg-config ];
+          buildInputs = with pkgs; [ openssl systemd ];
+          checkInputs = [ pkgs.rustPackages.clippy ];
+          doCheck = true;
+          cargoTestCommands = x:
+            x ++ [
+              ''cargo clippy --all --all-features --tests -- \
+                -D clippy::pedantic \
+                -D warnings \
+                -A clippy::module-name-repetitions \
+                -A clippy::too-many-lines \
+                -A clippy::cast-possible-wrap \
+                -A clippy::cast-possible-truncation \
+                -A clippy::nonminimal_bool''
+            ];
+          meta.description = "Send Prometheus alerts to XMPP Multi-User Chatrooms";
+        };
+    in
+    utils.lib.eachDefaultSystem
+      (system:
+        let
+          pkgs = nixpkgs.legacyPackages.${system};
+        in
+        {
+          packages = {
+            default = self.packages."${system}".alert2muc;
+            alert2muc = makeAlert2muc pkgs;
+          };
+
+          apps.default = utils.lib.mkApp {
+            drv = self.packages."${system}".default;
+          };
+
+          devShells.default = with pkgs; mkShell {
+            nativeBuildInputs = [ cargo rustc rustfmt rustPackages.clippy rust-analyzer ];
+            RUST_SRC_PATH = rustPlatform.rustLibSrc;
+          };
+        })
+    // {
+      overlays.default = (_: prev: {
+        alert2muc = makeAlert2muc prev;
+      });
+
+      nixosModules.default = ./nixos-module.nix { inherit self; };
+    };
+}
diff --git a/nixos-module.nix b/nixos-module.nix
new file mode 100644
index 0000000..3a044b4
--- /dev/null
+++ b/nixos-module.nix
@@ -0,0 +1,46 @@
+{ self }:
+{ config, lib, pkgs, ... }: {
+  options.services.alert2muc = with lib; {
+    enable = mkEnableOption "Enable Prometheus XMPP MUC bot";
+    configFile = mkOption {
+      type = types.str;
+    };
+    user = mkOption {
+      type = types.str;
+      default = "alert2muc";
+    };
+    group = mkOption {
+      type = types.str;
+      default = "alert2muc";
+    };
+  };
+
+  config =
+    let
+      cfg = config.services.alert2muc;
+    in
+      lib.mkIf cfg.enable {
+        users = {
+          users.${cfg.user} = {
+            isSystemUser = true;
+            group = cfg.group;
+          };
+          groups.${cfg.group} = {};
+        };
+
+        systemd.services.alert2muc = {
+          wantedBy = [ "multi-user.target" ];
+          after = [ "network-online.target" ];
+          serviceConfig = {
+            Type = "notify";
+            ExecStart = "${self.packages.${pkgs.system}.alert2muc}/bin/alert2muc ${lib.escapeShellArg cfg.configFile}";
+            User = cfg.user;
+            Group = cfg.group;
+            ProtectSystem = "full";
+            Restart = "always";
+            RestartSec = "10s";
+            WatchdogSec = "3600s";
+          };
+        };
+      };
+}