diff --git a/dev/opentitan.nix b/dev/opentitan.nix
new file mode 100644
index 0000000..6039d47
--- /dev/null
+++ b/dev/opentitan.nix
@@ -0,0 +1,84 @@
+{
+  pkgs,
+  python_ot,
+  verilator_ot,
+  ncurses5,
+  patchelf,
+  stdenv,
+  edaTools ? [],
+  ...
+}: let
+  # If SONAME is specified, lookup cache files created by ldconfig will only use the SONAME and will ignore
+  # the filename, this casues libtinfo.so to not be found under FHS. Patch ncurses5 to provide a libtinfo.so
+  # with proper SONAME.
+  ncurses5-patched =
+    pkgs.runCommand "ncurses5" {
+      outputs = ["out" "dev" "man"];
+    } ''
+      cp -r ${ncurses5} $out
+      chmod +w $out/lib
+      cp -L --no-preserve=mode --remove-destination `realpath $out/lib/libtinfo.so.5` $out/lib/libtinfo.so.5
+      ${patchelf}/bin/patchelf --set-soname libtinfo.so.5 $out/lib/libtinfo.so.5
+      cp -r ${ncurses5.dev} $dev
+      cp -r ${ncurses5.man} $man
+    '';
+  edaExtraDeps = with pkgs; [elfutils openssl];
+in
+  (pkgs.buildFHSEnv {
+    name = "opentitan";
+    targetPkgs = _:
+      with pkgs;
+        [
+          bazelisk
+
+          python_ot
+          verilator_ot
+
+          # For serde-annotate which can be built with just cargo
+          rustup
+
+          # Bazel downloads Rust compilers which are not patchelfed and they need this.
+          zlib
+          openssl
+          curl
+
+          (wrapCCWith {
+            cc = gcc-unwrapped;
+            # Bazel rules_rust expects build PIE binary in opt build but doesn't request PIE/PIC, so force PIC
+            nixSupport.cc-cflags = ["-fPIC"];
+          })
+
+          python_ot
+          libxcrypt-legacy
+
+          # Bazel filters out all environment including PKG_CONFIG_PATH. Append this inside wrapper.
+          (pkg-config.override {
+            extraBuildCommands = ''
+              echo "export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/lib/pkgconfig" >> $out/nix-support/utils.bash
+            '';
+          })
+          udev
+          libftdi1
+          libusb1 # needed for libftdi1 pkg-config
+          ncurses5-patched
+
+          srecord
+
+          # For documentation
+          hugo
+          doxygen
+        ]
+        ++ map (tool:
+          tool.override {
+            extraDependencies = edaExtraDeps;
+          })
+        edaTools;
+    extraOutputsToInstall = ["dev"];
+
+    extraBwrapArgs = [
+      # OpenSSL included in the Python downloaded by Bazel makes use of these paths.
+      "--symlink ${pkgs.openssl.out}/etc/ssl/openssl.cnf /etc/ssl/openssl.cnf"
+      "--symlink /etc/ssl/certs/ca-certificates.crt /etc/ssl/cert.pem"
+    ];
+  })
+  .env
diff --git a/flake.nix b/flake.nix
index 166c02b..0a619bd 100644
--- a/flake.nix
+++ b/flake.nix
@@ -26,8 +26,13 @@
       pkgs = import nixpkgs {
         inherit system;
       };
-    in {
+    in rec {
       packages = import ./pkgs {inherit pkgs inputs;};
+      devShells = {
+        opentitan = pkgs.callPackage ./dev/opentitan.nix {
+          inherit (packages) verilator_ot python_ot;
+        };
+      };
       formatter = pkgs.alejandra;
     });
   in