{pkgs, ...}: {
  # Sets a timer that will pull a new version
  # of the flake and rebuild each week.
  systemd.timers."nix-auto-upgrade" = {
    enable = true;
    wantedBy = ["timers.target"];
    timerConfig = {
      FixedRandomDelay = false;
      RandomizedDelaySec = 0;
      OnCalendar = "weekly";
      Persistent = true;
      Unit = "nix-auto-upgrade";
    };
  };

  systemd.services."nix-auto-upgrade" = {
    enable = true;

    description = "Unattended Upgrade";

    restartIfChanged = false;
    unitConfig.X-StopOnRemoval = false;

    after = ["network-online.target"];
    wants = ["network-online.target"];

    serviceConfig = {
      Type = "oneshot";
      User = "root";
      WorkingDirectory = /etc/nixos/nixos-config;
    };

    path = with pkgs; [
      coreutils
      gnutar
      xz.bin
      gzip
      gitMinimal
      curl
    ];

    script = ''
      set -eu

      ${pkgs.nixos-rebuild}/bin/nixos-rebuild boot -L --flake git+https://git.vulpecula.zone/tasiaiso/nixos-config

      ${pkgs.curl}/bin/curl \
        -H "Title: NixOS upgrade done" \
        -H "Priority: low" \
        -H "Tags: low" \
        -d "$(cat /etc/hostname): upgrade script done" \
        ntfy.sh/tasiaiso_upgrades &> /dev/null # Please don't make me learn how to manage secrets
    '';
  };
}