diff --git a/lib/default.nix b/lib/default.nix
index a46e9a6..b2b9727 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -37,14 +37,16 @@ rec {
     fromHive {
       builder = (
         node: module: {
-          monitors = let
-            hostname = mkHost node module.config;
-          in {
-            ${prefix + hostname} = {
-              type = "ping";
-              inherit tags hostname;
+          monitors =
+            let
+              hostname = mkHost node module.config;
+            in
+            {
+              ${prefix + hostname} = {
+                type = "ping";
+                inherit tags hostname;
+              };
             };
-          };
         }
       );
       inherit nodes excludes;
diff --git a/nixos/module.nix b/nixos/module.nix
index 740e7c6..0fe541c 100644
--- a/nixos/module.nix
+++ b/nixos/module.nix
@@ -14,10 +14,18 @@ in
       json = lib.mkOption { type = lib.types.package; };
       script = lib.mkOption { type = lib.types.package; };
     };
+    enableService = lib.mkEnableOption "the auto-deployment systemd unit";
     host = lib.mkOption {
       default = null;
       type = with lib.types; nullOr str;
     };
+    username = lib.mkOption {
+      default = null;
+      type = with lib.types; nullOr str;
+    };
+    passwordFile = lib.mkOption {
+      type = with lib.types; nullOr path;
+    };
     extraFlags = lib.mkOption {
       default = [ ];
       example = [ "--scrape-http-keywords" ];
@@ -46,18 +54,39 @@ in
       };
     };
   };
-  config.statelessUptimeKuma = {
-    lib = import ../lib { inherit lib; };
-    extraFlags = lib.optional (cfg.host != null) "--host ${cfg.host}";
-    build = {
-      json = probesFormat.generate "probes.json" cfg.probesConfig;
-      script = pkgs.writeShellApplication {
-        name = "deploy-uptime-kuma-probes";
-        runtimeInputs = [ pkgs.statelessUptimeKuma ];
-        text = ''
-          args=("$@")
-          stateless-uptime-kuma apply-json -f ${cfg.build.json} ${builtins.concatStringsSep " " cfg.extraFlags} "''${args[@]}"
-        '';
+  config = {
+    statelessUptimeKuma = {
+      lib = import ../lib { inherit lib; };
+      extraFlags =
+        lib.optional (cfg.host != null) "--host ${cfg.host}"
+        ++ lib.optional (cfg.username != null) "--username ${cfg.username}";
+      build = {
+        json = probesFormat.generate "probes.json" cfg.probesConfig;
+        script = pkgs.writeShellApplication {
+          name = "deploy-uptime-kuma-probes";
+          runtimeInputs = [ pkgs.statelessUptimeKuma ];
+          text = ''
+            args=("$@")
+            stateless-uptime-kuma apply-json -f ${cfg.build.json} ${builtins.concatStringsSep " " cfg.extraFlags} "''${args[@]}"
+          '';
+        };
+      };
+    };
+    systemd.services.stateless-uptime-kuma = lib.mkIf cfg.enableService {
+      description = "Uptime-kuma probes deployment";
+
+      wants = [ "uptime-kuma.service" ];
+      after = [ "uptime-kuma.service" ];
+
+      wantedBy = [ "multi-user.target" ];
+
+      script = ''
+        UPTIME_KUMA_PASSWORD=$(cat $CREDENTIALS_DIRECTORY/password) ${lib.getExe config.statelessUptimeKuma.build.script}
+      '';
+
+      serviceConfig = {
+        LoadCredential = "password:${cfg.passwordFile}";
+        Type = "oneshot";
       };
     };
   };