diff --git a/configuration.nix b/configuration.nix
index e217e1f..ff19c31 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -107,6 +107,8 @@
     pirate.enable = true;
     # Regular backups
     postgresql-backup.enable = true;
+    # An IRC client daemon
+    quassel.enable = true;
     # RSS provider for websites that do not provide any feeds
     rss-bridge.enable = true;
     # Usenet client
diff --git a/services/default.nix b/services/default.nix
index 333744f..023481f 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -11,6 +11,7 @@
     ./nginx.nix
     ./pirate.nix
     ./postgresql-backup.nix
+    ./quassel.nix
     ./rss-bridge.nix
     ./sabnzbd.nix
     ./transmission.nix
diff --git a/services/quassel.nix b/services/quassel.nix
new file mode 100644
index 0000000..44842cd
--- /dev/null
+++ b/services/quassel.nix
@@ -0,0 +1,35 @@
+# An IRC client daemon
+{ config, lib, ... }:
+let
+  cfg = config.my.services.quassel;
+  domain = config.networking.domain;
+in
+{
+  options.my.services.quassel = with lib; {
+    enable = mkEnableOption "Quassel IRC client daemon";
+    port = mkOption {
+      type = types.port;
+      default = 4242;
+      example = 8080;
+      description = "The port number for Quassel";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.quassel = {
+      enable = true;
+      portNumber = cfg.port;
+      # Let's be secure
+      requireSSL = true;
+      certificateFile = config.security.acme.certs."${domain}".directory + "/full.pem";
+      # The whole point *is* to connect from other clients
+      interfaces = [ "0.0.0.0" ];
+    };
+
+    # Allow Quassel to read the certificates.
+    users.groups.acme.members = [ "quassel" ];
+
+    # Open port for Quassel
+    networking.firewall.allowedTCPPorts = [ cfg.port ];
+  };
+}