diff --git a/modules/misc/ids.nix b/modules/misc/ids.nix
index 7ed3e110e5dc..3c3df8279994 100644
--- a/modules/misc/ids.nix
+++ b/modules/misc/ids.nix
@@ -48,6 +48,7 @@ in
     pulseaudio = 22; # must match `pulseaudio' GID
     gpsd = 23;
     uptimed = 24;
+    ddclient = 25;
 
     nixbld = 30000; # start of range of uids
     nobody = 65534;
diff --git a/modules/module-list.nix b/modules/module-list.nix
index f8bae4a06d13..63246f44400a 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -56,6 +56,7 @@
   ./services/networking/bind.nix
   ./services/networking/bitlbee.nix
   ./services/networking/dhclient.nix
+  ./services/networking/ddclient.nix
   ./services/networking/dhcpd.nix
   ./services/networking/ejabberd.nix
   ./services/networking/firewall.nix
diff --git a/modules/services/networking/ddclient.nix b/modules/services/networking/ddclient.nix
new file mode 100644
index 000000000000..c22a1535b546
--- /dev/null
+++ b/modules/services/networking/ddclient.nix
@@ -0,0 +1,140 @@
+{pkgs, config, ...}:
+
+let
+
+  inherit (pkgs.lib) mkOption mkIf singleton;
+
+  inherit (pkgs) ddclient;
+
+  stateDir = "/var/spool/ddclient";
+
+  ddclientUser = "ddclient";
+
+  modprobe = config.system.sbin.modprobe;
+
+  ddclientFlags = "-foreground -file ${ddclientCfg}";
+
+  ddclientCfg = pkgs.writeText "ddclient.conf" ''
+daemon=600
+cache=${stateDir}/ddclient.cache
+pid=${stateDir}/ddclient.pid
+use=${config.services.ddclient.web}
+login=${config.services.ddclient.username}
+password=${config.services.ddclient.password}
+protocol=${config.services.ddclient.protocol}
+server=${config.services.ddclient.server}
+wildcard=YES
+${config.services.ddclient.domain}
+${config.services.ddclient.extraConfig}
+'';
+
+in
+
+{
+
+  ###### interface
+  
+  options = {
+  
+    services.ddclient = {
+
+      enable = mkOption {
+        default = false;
+        description = ''
+          Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org).
+        '';
+      };
+
+      domain = mkOption {
+        default = "";
+        description = ''
+          Domain name to synchronize.
+        '';
+      };
+
+      username = mkOption {
+        default = "";
+        description = ''
+          Username.
+        '';
+      };
+
+      password = mkOption {
+        default = "" ;
+        description = ''
+          Password.
+        '';
+      };
+
+      protocol = mkOption {
+        default = "dyndns2" ;
+        description = ''
+          Protocol to use with dynamic DNS provider. (see also, http://sourceforge.net/apps/trac/ddclient/wiki/Protocols)
+        '';
+      };
+
+      server = mkOption {
+        default = "members.dyndns.org" ;
+        description = ''
+          Server
+        '';
+      };
+
+      extraConfig = mkOption {
+        default = "" ;
+        description = ''
+          Extra configuration. Contents will be added verbatim to the configuration file.
+        '';
+      };
+
+      web = mkOption {
+        default = "web, web=checkip.dyndns.com/, web-skip='IP Address'" ;
+        description = ''
+        '';
+      };
+
+    };
+
+  };
+
+
+  ###### implementation
+
+  config = mkIf config.services.ddclient.enable {
+    environment.systemPackages = [ ddclient ];
+  
+    users.extraUsers = singleton
+      { name = ddclientUser;
+        uid = config.ids.uids.ddclient;
+        description = "ddclient daemon user";
+        home = stateDir;
+      };
+
+    jobs = singleton {
+
+      name = "ddclient";
+      
+      job = ''
+        description "ddclient daemon"
+
+        start on startup
+        stop on shutdown
+
+        start script
+
+            mkdir -m 0755 -p ${stateDir}
+            chown ${ddclientUser} ${stateDir}
+
+            # Needed to run ddclient as an unprivileged user.
+            ${modprobe}/sbin/modprobe capability || true
+
+        end script
+
+        respawn ${ddclient}/bin/ddclient ${ddclientFlags}
+      '';
+
+    };
+    
+  };
+  
+}