diff --git a/modules/lldap.nix b/modules/lldap.nix
new file mode 100644
index 0000000..95a3ce3
--- /dev/null
+++ b/modules/lldap.nix
@@ -0,0 +1,44 @@
+{ config, pkgs, ... }:
+{
+  services = {
+    lldap = {
+      enable = true;
+      settings = {
+        ldap_user_email = "gandalf@bhankas.org";
+        ldap_user_dn = "gandalf";
+        ldap_port = 3890;
+        ldap_host = "0.0.0.0";
+        http_url = "https://ldap.bhankas.org";
+        http_port = 17170;
+        http_host = "0.0.0.0";
+      };
+    };
+
+    nginx = {
+      enable = true;
+      virtualHosts = {
+        "ldap.bhankas.org" = {
+          addSSL = true;
+          enableACME = true;
+          locations."/" = {
+            proxyPass = "http://127.0.0.1:3890";
+            proxyWebsockets = false;
+            extraConfig =
+              "proxy_set_header Host $host;"
+            ;
+          };
+        };
+      };
+    };
+  };
+
+  security.acme = {
+    acceptTerms = true;
+    certs = {
+      "ldap.bhankas.org" = {
+        email = "admin@bhankas.org";
+        dnsResolver = "1.1.1.1:53";
+      };
+    };
+  };
+}