diff --git a/modules/default.nix b/modules/default.nix
index e5e8daa..af5dc6f 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -34,6 +34,7 @@
 ./security/gpg.nix
 ./security/pass.nix
 ./services/borgmatic
+ ./services/chrony
 ./services/coturn
 ./services/gitea
 ./services/gitea-runner
diff --git a/modules/services/chrony/default.nix b/modules/services/chrony/default.nix
new file mode 100644
index 0000000..6b80028
--- /dev/null
+++ b/modules/services/chrony/default.nix
@@ -0,0 +1,41 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.modules.services.chrony;
+in {
+ options.modules.services.chrony = {
+ enable = mkOption {
+ default = false;
+ example = true;
+ description = "Enable chrony NTP deamon";
+ };
+
+ config = mkIf cfg.enable {
+ services.chrony = {
+ enable = true;
+
+ servers = [
+ "uk.pool.ntp.org"
+ "time.cloudflare.com"
+ ];
+
+ extraConfig = ''
+ makestep 1.0 3
+
+ bindaddress 0.0.0.0
+ port 123
+ allow
+ '';
+ };
+
+ services.timesyncd.enable = mkForce false;
+
+ networking.firewall = {
+ allowedUDPPorts = [ 123 ];
+ allowedTCPPorts = [ 123 ];
+ };
+ };
+ };
+}
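Review bot: The bare `allow` in `extraConfig`, combined with `bindaddress 0.0.0.0` and the firewall opening for port 123, makes this host an NTP server for every address that can reach it; if only local machines are meant to sync from it, scope it with `allow <LAN-CIDR>` (placeholder for your own subnet) and consider chrony's `ratelimit` directive to bound what a spoofed-source flood can draw from it. `allowedTCPPorts = [ 123 ];` can be dropped, since NTP is served over UDP and nothing configured here appears to listen on TCP 123. Counting braces in the new file, `options.modules.services.chrony = {` does not seem to be closed before `config = mkIf cfg.enable {`, so the config block would sit under `options` and probably not take effect as written; a `};` after the `mkOption` block and one fewer `};` at the end would fix that. The `enable` option also declares no `type`, so `mkEnableOption` or `type = types.bool;` would turn a non-boolean value into an evaluation error.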