diff --git a/flake.nix b/flake.nix
index b051de0..6641b2f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -4,6 +4,7 @@
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
     nixos.url = "github:nixos/nixpkgs/nixos-25.11";
+    nixpkgs_unstable.url = "nixpkgs/nixos-unstable";
 
     nix-xilinx = {
       url = "gitlab:asmir.abdulahovic/nix-xilinx";
@@ -44,6 +45,11 @@
       url = "git+https://git.project-cloud.net/asmir/project-cloud";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+
+    nixos-inventree = {
+      url = "github:Gigahawk/nixos-inventree";
+      inputs.nixpkgs.follows = "nixpkgs_unstable";
+    };
   };
 
   outputs =
@@ -57,6 +63,7 @@
     , swaysw
     , zremap
     , nixos
+    , nixos-inventree
     , ...
     }:
     let
@@ -178,6 +185,7 @@
             { _module.args = inputs; }
             { _module.args.system = system; }
             { nix.registry.nixpkgs.flake = nixpkgs; }
+            nixos-inventree.nixosModules.default
             ./magpie/configuration.nix
             ./magpie/hardware-configuration.nix
             simple-nixos-mailserver.nixosModule
diff --git a/magpie/configuration.nix b/magpie/configuration.nix
index 1dcf52a..edcaa51 100644
--- a/magpie/configuration.nix
+++ b/magpie/configuration.nix
@@ -224,6 +224,23 @@
         proxyPass = "http://localhost:8002/";
       };
     };
+
+    virtualHosts."inventree.project-cloud.net" = {
+      quic = true;
+      http3 = true;
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = {
+        proxyPass = "http://localhost:8004";
+        proxyWebsockets = true;
+      };
+      locations."/static/" = {
+        alias = "/var/lib/inventree/static/";
+      };
+      locations."/media/" = {
+        alias = "/var/lib/inventree/media/";
+      };
+    };
   };
 
   services.gitea = {
@@ -296,6 +313,68 @@
     startAt = "daily";
   };
 
+  services.inventree = {
+    enable = true;
+
+    # IP and port for gunicorn to bind to
+    bindIp = "127.0.0.1";
+    bindPort = 8004;
+    # Or override the full bind string for e.g. unix sockets:
+    # serverBind = "unix:/run/inventree/inventree.sock";
+
+    # Where InvenTree stores its data (default: /var/lib/inventree)
+    dataDir = "/var/lib/inventree";
+
+    # Systemd timeout for migrations (can be slow on upgrades)
+    serverStartTimeout = "10min";
+    serverStopTimeout = "5min";
+
+    # config.yaml options — freeform, so any key from
+    # https://docs.inventree.org/en/stable/start/config/ works here
+    config = {
+      site_url = "https://inventree.project-cloud.net";
+      allowed_hosts = [ "*" ];
+
+      # Database — defaults to SQLite if not specified
+      database = {
+        ENGINE = "django.db.backends.postgresql";
+        NAME = "inventree";
+        USER = "inventree";
+        HOST = "/run/postgresql";  # peer auth via unix socket
+        PORT = "";
+      };
+
+      # Static/media/backup paths
+      static_root = "/var/lib/inventree/static";
+      media_root = "/var/lib/inventree/media";
+      backup_dir = "/var/lib/inventree/backup";
+
+    };
+
+    plugins = {
+      inventree-kicad-plugin = [];
+    };
+
+    # Declarative user management
+    users = {
+      admin = {
+        email = "asmir@project-cloud.net";
+        is_superuser = true;
+        password_file = "/tmp/inventree-admin-password";
+      };
+    };
+  };
+
+  # If using PostgreSQL:
+  services.postgresql = {
+    enable = true;
+    ensureDatabases = [ "inventree" ];
+    ensureUsers = [{
+      name = "inventree";
+      ensureDBOwnership = true;
+    }];
+  };
+
   # needed for sendmail mail functionality
   users.users.gitea.extraGroups = [ "postdrop" ];
   systemd.services.gitea.serviceConfig = {