diff --git a/modules/misc/ids.nix b/modules/misc/ids.nix
index 2cb1ffe44294..fd76dfc47a1f 100644
--- a/modules/misc/ids.nix
+++ b/modules/misc/ids.nix
@@ -74,6 +74,7 @@ in
     wwwrun = 54;
     spamd = 56;
     nslcd = 58;
+    nginx = 60;
 
     # When adding a uid, make sure it doesn't match an existing gid.
 
@@ -131,6 +132,7 @@ in
     networkmanager = 57;
     nslcd = 58;
     scanner = 59;
+    nginx = 60;
 
     # When adding a gid, make sure it doesn't match an existing uid.
 
diff --git a/modules/services/web-servers/nginx/default.nix b/modules/services/web-servers/nginx/default.nix
index c9c242400f7f..b26af1aa7445 100644
--- a/modules/services/web-servers/nginx/default.nix
+++ b/modules/services/web-servers/nginx/default.nix
@@ -4,8 +4,9 @@ with pkgs.lib;
 
 let
   cfg = config.services.nginx;
+  nginx = pkgs.nginx.override { fullWebDAV = cfg.fullWebDAV; };
   configFile = pkgs.writeText "nginx.conf" ''
-    user nginx nginx;
+    user ${cfg.user} ${cfg.group};
     daemon off;
     ${cfg.config}
   '';
@@ -34,12 +35,27 @@ in
           Directory holding all state for nginx to run.
         ";
       };
+
+      user = mkOption {
+        default = "nginx";
+        description = "User account under which nginx runs.";
+      };
+
+      group = mkOption {
+        default = "nginx";
+        description = "Group account under which nginx runs.";
+      };
+
+      fullWebDAV = mkOption {
+        default = false;
+        description = "Compile in a third party module providing full WebDAV support";
+      };
     };
 
   };
 
   config = mkIf cfg.enable {
-    environment.systemPackages = [ pkgs.nginx ];
+    environment.systemPackages = [ nginx ];
 
     # TODO: test user supplied config file pases syntax test
 
@@ -47,21 +63,26 @@ in
       description = "Nginx Web Server";
       after = [ "network.target" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.nginx ];
+      path = [ nginx ];
       preStart =
         ''
         mkdir -p ${cfg.stateDir}/logs
-        chown -R nginx:nginx ${cfg.stateDir}
+        chown -R ${cfg.user}:${cfg.group} ${cfg.stateDir}
         '';
       serviceConfig = {
-        ExecStart = "${pkgs.nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}";
+        ExecStart = "${nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}";
       };
     };
 
-    users.extraUsers.nginx = {
-      group = "nginx";
-    };
+    users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton
+      { name = "nginx";
+        group = "nginx";
+        uid = config.ids.uids.nginx;
+      });
 
-    users.extraGroups.nginx = {};
+    users.extraGroups = optionalAttrs (cfg.group == "nginx") (singleton
+      { name = "nginx";
+        gid = config.ids.gids.nginx;
+      });
   };
 }