diff --git a/modules/media/qbittorrent.nix b/modules/media/qbittorrent.nix
new file mode 100644
index 0000000..b9ea061
--- /dev/null
+++ b/modules/media/qbittorrent.nix
@@ -0,0 +1,94 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.qbittorrent;
+ UID = 888;
+ GID = 888;
+in
+{
+ options.services.qbittorrent = {
+ enable = mkEnableOption "qBittorrent-nox headless service";
+
+ dataDir = mkOption {
+ type = types.path;
+ default = "/var/lib/qbittorrent";
+ description = "Directory where qBittorrent stores its data files.";
+ };
+
+ user = mkOption {
+ type = types.str;
+ default = "qbittorrent";
+ description = "User account under which qBittorrent runs.";
+ };
+
+ group = mkOption {
+ type = types.str;
+ default = "qbittorrent";
+ description = "Group under which qBittorrent runs.";
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 8080;
+ description = "qBittorrent web UI port.";
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Open the web UI port to the network.";
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.qbittorrent-nox;
+ defaultText = literalExpression "pkgs.qbittorrent-nox";
+ description = "The qbittorrent package to use.";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ networking.firewall = mkIf cfg.openFirewall {
+ allowedTCPPorts = [ cfg.port ];
+ };
+
+ systemd.services.qbittorrent = {
+ description = "qBittorrent-nox service";
+ documentation = [ "man:qbittorrent-nox(1)" ];
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ Type = "simple";
+ User = cfg.user;
+ Group = cfg.group;
+ ExecStartPre = let
+ preStartScript = pkgs.writeScript "qbittorrent-prestart" ''
+ #!${pkgs.bash}/bin/bash
+ if ! test -d "$QBT_PROFILE"; then
+ install -d -m 0755 -o "${cfg.user}" -g "${cfg.group}" "$QBT_PROFILE"
+ fi
+ '';
+ in
+ "!${preStartScript}";
+ ExecStart = "${cfg.package}/bin/qbittorrent-nox";
+ };
+ environment = {
+ QBT_PROFILE = cfg.dataDir;
+ QBT_WEBUI_PORT = toString cfg.port;
+ };
+ };
+
+ users.users = mkIf (cfg.user == "qbittorrent") {
+ qbittorrent = {
+ group = cfg.group;
+ uid = UID;
+ };
+ };
+
+ users.groups = mkIf (cfg.group == "qbittorrent") {
+ qbittorrent = { gid = GID; };
+ };
+ };
+}
diff --git a/nixos/homelab.nix b/nixos/homelab.nix
index 1b64caf..5695b11 100644
--- a/nixos/homelab.nix
+++ b/nixos/homelab.nix
@@ -3,7 +3,8 @@ { imports = [
- ../modules/nextcloud-setup.nix
+ ../modules/nextcloud-setup.nix
+ ../modules/media/qbittorrent.nix # Import any shared modules from your ./modules directory if applicable # e.g., (../modules/common-settings.nix) ];
@@ -111,12 +112,23 @@ }; };
- services.qbittorrent-nox = {
- enable = true;
- user = "torrent";
- group = "media_services";
- port = 8728;
- };
+ users.users.qbittorrent.extraGroups = [ "media_services" ];
+ users.groups.qbittorrent = {};
+
+ services.qbittorrent = {
+ enable = true;
+ dataDir = "/storage/services/qbittorrent";
+ user = "qbittorrent";
+ group = "qbittorrent";
+ port = 8090;
+ openFirewall = true;
+ package = pkgs.qbittorrent-nox;
+ };
+
+ systemd.tmpfiles.rules = [
+ "d /storage/downloads 0775 root media_services - -"
+ "d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -"
+ ]; # Sudo access for the wheel group (which death916 is part of) security.sudo.wheelNeedsPassword = true; # Or false if you prefer passwordless sudo for wheel
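Review bot: The `serviceConfig` block in modules/media/qbittorrent.nix starts a daemon that takes peer and web UI traffic without any systemd sandboxing, and the pre-start script creates the profile directory readable by every local account (`-m 0755`). I would add the hardening directives below and create the directory with `install -d -m 0750 -o "${cfg.user}" -g "${cfg.group}" "$QBT_PROFILE"`; the `"d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -"` tmpfiles rule in nixos/homelab.nix uses the same mode. `ProtectSystem = "full"` leaves /var and /storage writable; moving to `"strict"` or adding `ProtectHome` would need the profile and download paths listed in `ReadWritePaths`. Separately, `users.users.qbittorrent` sets neither `isSystemUser` nor `isNormalUser` in the visible lines, which NixOS rejects at evaluation unless another module sets it; `isSystemUser = true;` next to `uid = UID;` would cover it.

```nix
serviceConfig = {
  # … unchanged: Type, User, Group, ExecStartPre, ExecStart …
  NoNewPrivileges = true;
  PrivateTmp = true;
  PrivateDevices = true;
  ProtectSystem = "full";
  ProtectKernelTunables = true;
  ProtectKernelModules = true;
  ProtectControlGroups = true;
  RestrictSUIDSGID = true;
  LockPersonality = true;
};
```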
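Review bot: `openFirewall = true;` in the `services.qbittorrent` block of nixos/homelab.nix publishes the web UI port (8090) on every interface the firewall covers, and the visible lines put neither TLS nor an address allow-list in front of it. If the UI is only needed from the local network, keep `openFirewall = false;` and open the port per interface with `networking.firewall.interfaces."<lan-interface>".allowedTCPPorts = [ 8090 ];` (placeholder interface name), or publish it through a reverse proxy that terminates TLS. It is also worth confirming that the web UI credentials are not the ones the packaged qBittorrent version ships with or generates on first start. The enclosing attribute set starts and ends outside the hunk.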