diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index f1028a479df..956215d9a97 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -134,6 +134,7 @@ teamspeak = 124; influxdb = 125; nsd = 126; + gitolite = 127; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 13f2656c287..3bce68670fc 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -147,6 +147,7 @@ ./services/misc/felix.nix ./services/misc/folding-at-home.nix ./services/misc/gpsd.nix + ./services/misc/gitolite.nix ./services/misc/nix-daemon.nix ./services/misc/nix-gc.nix ./services/misc/nix-ssh-serve.nix diff --git a/nixos/modules/services/misc/gitolite.nix b/nixos/modules/services/misc/gitolite.nix new file mode 100644 index 00000000000..7e7629c0561 --- /dev/null +++ b/nixos/modules/services/misc/gitolite.nix 
@@ -0,0 +1,66 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.gitolite;
+ pubkeyFile = pkgs.writeText "gitolite-admin.pub" cfg.adminPubkey;
+in
+{
+ options = {
+ services.gitolite = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Enable gitolite management under the
+ gitolite user. The Gitolite home
+ directory is /var/lib/gitolite. After
+ switching to a configuration with Gitolite enabled, you can
+ then run git clone
+ git@host:gitolite-admin.git to manage it further.
+ '';
+ };
+
+ adminPubkey = mkOption {
+ type = types.str;
+ description = ''
+ Initial administrative public key for Gitolite. This should
+ be an SSH Public Key. Note that this key will only be used
+ once, upon the first initialization of the Gitolite user.
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ users.extraUsers.gitolite = {
+ description = "Gitolite user";
+ home = "/var/lib/gitolite";
+ createHome = true;
+ uid = config.ids.uids.gitolite;
+ useDefaultShell = true;
+ };
+
+ systemd.services."gitolite-init" = {
+ description = "Gitolite initialization";
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig.User = "gitolite";
+ serviceConfig.Type = "oneshot";
+ serviceConfig.RemainAfterExit = true;
+
+ path = [ pkgs.gitolite pkgs.git pkgs.perl pkgs.bash pkgs.openssh ];
+ script = ''
+ cd /var/lib/gitolite
+ mkdir -p .gitolite/logs
+ if [ ! -d repositories ]; then
+ gitolite setup -pk ${pubkeyFile}
+ fi
+ gitolite setup # Upgrade if needed
+ '';
+ };
+
+ environment.systemPackages = [ pkgs.gitolite pkgs.git ];
+ };
+}
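Review bot: The admin key bootstrap in `script` is gated only on `[ ! -d repositories ]`, so once that directory exists the declared `adminPubkey` is never applied again: editing the option to rotate a lost or compromised key changes nothing on the host, and a pre-existing or half-initialised `/var/lib/gitolite` skips the key install entirely. The option description mentions one-time use but not that consequence; I would add something like `Changing this value later does not replace or revoke the installed key; rotate admin keys through the gitolite-admin repository.` Separately, `pkgs.writeText` produces a store path whose basename carries a hash prefix, and gitolite appears to derive the admin name from the pubkey file's basename, so the initial admin user is probably not literally `gitolite-admin`; worth confirming on a fresh install. The `gitolite` account also gets `useDefaultShell = true` with no dedicated `group`, so it relies on whatever default group NixOS assigns.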