diff --git a/data/Debian.yaml b/data/Debian.yaml
index e56c136bc..5034b3022 100644
--- a/data/Debian.yaml
+++ b/data/Debian.yaml
@@ -1,2 +1,3 @@
 ---
 prometheus::env_file_path: '/etc/default'
+prometheus::usershell: '/usr/sbin/nologin'
diff --git a/data/RedHat.yaml b/data/RedHat.yaml
index b227da0d2..53577757e 100644
--- a/data/RedHat.yaml
+++ b/data/RedHat.yaml
@@ -1,2 +1,3 @@
 ---
 prometheus::env_file_path: '/etc/sysconfig'
+prometheus::usershell: '/sbin/nologin'
diff --git a/data/defaults.yaml b/data/defaults.yaml
index 26cdf1e86..90c6a928e 100644
--- a/data/defaults.yaml
+++ b/data/defaults.yaml
@@ -1,4 +1,5 @@
 ---
+prometheus::usershell: '/usr/bin/nologin'
 prometheus::configname: 'prometheus.yaml'
 prometheus::service_enable: true
 prometheus::service_ensure: 'running'
diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index a150c0a81..3d407ad3a 100644
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -89,6 +89,7 @@
   Stdlib::Host $scrape_host            = $facts['fqdn'],
   Optional[Stdlib::Port] $scrape_port  = undef,
   String[1] $scrape_job_name           = $name,
+  Stdlib::Absolutepath $usershell      = $prometheus::usershell,
 ) {
 
   case $install_method {
@@ -148,6 +149,7 @@
       ensure => 'present',
       system => true,
       groups => $extra_groups,
+      shell  => $usershell,
     })
 
     if $manage_group {
diff --git a/manifests/init.pp b/manifests/init.pp
index 87399986b..c9ac78db3 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -146,6 +146,10 @@
 #  Defaults to `undef`, but set to a large integer to override your default OS limit.
 #  Currently only implemented for systemd based service.
 #
+#  [*usershell*]
+#  if requested, we create a user for prometheus or the exporters. The default
+#  shell is nologin. It can be overwritten to any valid path.
+#
 # Actions:
 #
 # Requires: see Modulefile
@@ -193,6 +197,7 @@
   Boolean $manage_user,
   Optional[String[1]] $extract_command,
   Boolean $manage_config,
+  Stdlib::Absolutepath $usershell,
   Hash $extra_alerts    = {},
   Hash $config_hash     = {},
   Hash $config_defaults = {},
diff --git a/manifests/install.pp b/manifests/install.pp
index db64b30cf..e9e943ce8 100644
--- a/manifests/install.pp
+++ b/manifests/install.pp
@@ -72,6 +72,7 @@
       ensure => 'present',
       system => true,
       groups => $prometheus::server::extra_groups,
+      shell  => $prometheus::server::usershell,
     })
 
     if $prometheus::server::manage_group {
diff --git a/manifests/server.pp b/manifests/server.pp
index c75d2c476..17942ee9f 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -45,6 +45,7 @@
   Boolean $manage_config                                                        = $prometheus::manage_config,
   Optional[Variant[Stdlib::HTTPurl, Stdlib::Unixpath, String[1]]] $external_url = $prometheus::external_url,
   Optional[Array[Hash[String[1], Any]]] $collect_scrape_jobs                    = $prometheus::collect_scrape_jobs,
+  Stdlib::Absolutepath $usershell                                               = $prometheus::usershell,
 ) inherits prometheus {
 
   if( versioncmp($version, '1.0.0') == -1 ){