diff --git a/flake.nix b/flake.nix
index 9594ad1..177c04e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -9,7 +9,7 @@
 
   outputs = { self, nixpkgs, utils, fenix, naersk }: {
     overlay = final: prev: {
-      inherit (self.packages.${prev.system}) caveman-hunter;
+      inherit (self.packages.${prev.system}) caveman-hunter caveman-gatherer;
     };
 
     nixosModule = self.nixosModules.caveman;
diff --git a/nixos-module.nix b/nixos-module.nix
index 2ff89dc..1f5e18f 100644
--- a/nixos-module.nix
+++ b/nixos-module.nix
@@ -15,6 +15,17 @@ let
     builtins.toJSON hunterSettings
   );
 
+  gathererDefaultSettings = {
+    redis = "redis://127.0.0.1:${toString cfg.redis.port}/";
+    listen_port = 8000;
+  };
+
+  gathererSettings = lib.recursiveUpdate gathererDefaultSettings cfg.gatherer.settings;
+
+  gathererConfigFile = builtins.toFile "gatherer.yaml" (
+    builtins.toJSON gathererSettings
+  );
+
 in
 {
   options.services.caveman = with lib; {
@@ -42,6 +53,18 @@ in
       type = types.enum [ "ERROR" "WARN" "INFO" "DEBUG" "TRACE" ];
       default = "DEBUG";
     };
+
+    gatherer.enable = mkEnableOption "caveman gatherer";
+
+    gatherer.settings = mkOption {
+      type = types.anything;
+      default = gathererDefaultSettings;
+    };
+
+    gatherer.logLevel = mkOption {
+      type = types.enum [ "ERROR" "WARN" "INFO" "DEBUG" "TRACE" ];
+      default = "DEBUG";
+    };
   };
 
   config = {
@@ -77,7 +100,34 @@ in
         RestrictRealtime = true;
         LockPersonality = true;
         MemoryDenyWriteExecute = true;
-        LimitNOFile = 2 * hunterSettings.max_workers;
+        LimitNOFile = 100000;
+      };
+    };
+
+    systemd.services.caveman-gatherer = lib.mkIf cfg.gatherer.enable {
+      wantedBy = [ "multi-user.target" ];
+      requires = [ "redis-caveman.service" ];
+      after = [ "redis-caveman.service" "network-online.target" ];
+      environment.RUST_LOG = "caveman=${cfg.gatherer.logLevel}";
+      serviceConfig = {
+        ExecStart = "${pkgs.caveman-gatherer}/bin/caveman-gatherer ${gathererConfigFile}";
+        Type = "notify";
+        Restart = "always";
+        RestartSec = 10;
+        DynamicUser = true;
+        User = "caveman-gatherer";
+        ProtectSystem = "strict";
+        ProtectHome = true;
+        ProtectHostname = true;
+        ProtectKernelLogs = true;
+        ProtectKernelModules = true;
+        ProtectKernelTunables = true;
+        RestrictNamespaces = true;
+        RestrictRealtime = true;
+        LockPersonality = true;
+        MemoryDenyWriteExecute = true;
+        LimitNOFile = 100000;
+        WorkingDirectory = "${pkgs.caveman-gatherer}/share/caveman/gatherer";
       };
     };
   };