{pkgs, ...}: {
  systemd.timers."nix-auto-upgrade" = {
    wantedBy = ["timers.target"];
    timerConfig = {
      OnCalendar = "weekly";
      Persistent = true;
      Unit = "nix-auto-upgrade";
    };
  };

  systemd.services."nix-auto-upgrade" = {
    script = ''
      set -eu

      ${pkgs.git}/bin/git pull
      ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake .#$(cat /etc/hostname)

      ${pkgs.curl}/bin/curl \
        -H "Title: NixOS upgrade done" \
        -H "Priority: low" \
        -H "Tags: low" \
        -d "$(cat /etc/hostname ): upgrade script done" \
        ntfy.sh/tasiaiso_upgrades &> /dev/null # Please don't make me learn how to manage secrets
    '';
    serviceConfig = {
      Type = "oneshot";
      User = "root";
      WorkingDirectory = /etc/nixos/nixos-config;
    };
  };
}