diff --git a/services/nspawn.nix b/services/nspawn.nix
new file mode 100644
index 0000000..e0ebb4b
--- /dev/null
+++ b/services/nspawn.nix
@@ -0,0 +1,28 @@
+{ config, lib, ... }:
+
+with lib;
+
+mkIf (elem "nspawn" config.machine.services) {
+  systemd = let
+    fn = import ../fn.nix { inherit lib; };
+  in {
+    nspawn = recursiveUpdate (listToAttrs (
+      (map (
+        name: {
+          name = name;
+          value = { networkConfig.VirtualEthernet = "no"; };
+        }
+      )
+        (fn.lst { p = /var/lib/machines; t = "directory"; b = false; })
+      ))) {
+        "64Arch" = {
+          filesConfig = {
+            "BindReadOnly" = ["/tmp/.X11-unix"];
+            "Bind" = ["/dev/snd" "/dev/dri"];
+            # TODO: Add this to service overrides
+            # "DeviceAllow" = [ "/dev/dri/renderD128" ];
+          };
+        };
+      };
+  };
+}