diff --git a/src/daemon/systemd/user/filter-chain.service.in b/src/daemon/systemd/user/filter-chain.service.in
new file mode 100644
index 000000000..542cbd7f3
--- /dev/null
+++ b/src/daemon/systemd/user/filter-chain.service.in
@@ -0,0 +1,21 @@
+[Unit]
+Description=PipeWire filter chain daemon
+
+After=pipewire.service pipewire-session-manager.service
+BindsTo=pipewire.service
+
+[Service]
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+RestrictNamespaces=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+Type=simple
+ExecStart=@PW_BINARY@ -c filter-chain.conf
+Restart=on-failure
+Slice=session.slice
+
+[Install]
+Also=pipewire.socket
+WantedBy=default.target
diff --git a/src/daemon/systemd/user/meson.build b/src/daemon/systemd/user/meson.build
index d17f3794f..10227629d 100644
--- a/src/daemon/systemd/user/meson.build
+++ b/src/daemon/systemd/user/meson.build
@@ -20,3 +20,8 @@ configure_file(input : 'pipewire-pulse.service.in',
                output : 'pipewire-pulse.service',
                configuration : systemd_config,
                install_dir : systemd_user_services_dir)
+
+configure_file(input : 'filter-chain.service.in',
+               output : 'filter-chain.service',
+               configuration : systemd_config,
+               install_dir : systemd_user_services_dir)