diff --git a/systems/x86_64-linux/stargate/default.nix b/systems/x86_64-linux/stargate/default.nix
index 9d05b25..e0a6417 100644
--- a/systems/x86_64-linux/stargate/default.nix
+++ b/systems/x86_64-linux/stargate/default.nix
@@ -78,22 +78,6 @@ in {
       extraArgs = ["--sshoption=StrictHostKeyChecking=off"];
     };
   };
-  sops.secrets."duckdns" = {mode = "777";};
-  services.cron = {
-    enable = true;
-    systemCronJobs = [
-      "*/5 * * * * ${lib.getExe (pkgs.writeShellScriptBin "duckdns" ''
-        TOKEN=$(cat ${config.sops.secrets."duckdns".path})
-        REALV6=$(ip -6 addr show dev enp3s0 scope global \
-         | awk '/inet6 2/{print $2}' \
-         | cut -d/ -f1 \
-         | grep -E 'f9c4$' \
-         | head -n1)
-        REALV4=$(curl -s https://ifconfig.me --ipv4)
-        echo url="https://www.duckdns.org/update?domains=kylekrein&token=$TOKEN&ipv6=$REALV6&ip=$REALV4" | curl -k -K -
-      '')} >/dev/null 2>&1"
-    ];
-  };
 
   custom.presets.disko.impermanenceBtrfsLuks = {
     enable = true;
diff --git a/systems/x86_64-linux/stargate/duckdns.nix b/systems/x86_64-linux/stargate/duckdns.nix
new file mode 100644
index 0000000..f788857
--- /dev/null
+++ b/systems/x86_64-linux/stargate/duckdns.nix
@@ -0,0 +1,39 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}: {
+  sops.secrets."duckdns" = {};
+  systemd.timers."duckdns" = {
+    wantedBy = ["timers.target"];
+    timerConfig = {
+      OnBootSec = "5m";
+      OnUnitActiveSec = "5m";
+      Unit = "duckdns.service";
+    };
+  };
+
+  systemd.services."duckdns" = {
+    script = let
+      duckdns = pkgs.writeShellScriptBin "duckdns" ''
+        TOKEN=$(${pkgs.coreutils}/bin/cat ${config.sops.secrets."duckdns".path})
+        REALV6=$(${pkgs.iproute2}/bin/ip -6 addr show dev enp3s0 scope global \
+         | ${pkgs.gawk}/bin/awk '/inet6 2/{print $2}' \
+         | ${pkgs.coreutils}/bin/cut -d/ -f1 \
+         | ${pkgs.gnugrep}/bin/grep -E 'f9c4$' \
+         | ${pkgs.coreutils}/bin/head -n1)
+        REALV4=$(${pkgs.curl}/bin/curl -s https://ifconfig.me --ipv4)
+        ${pkgs.coreutils}/bin/echo url="https://www.duckdns.org/update?domains=kylekrein&token=$TOKEN&ipv6=$REALV6&ip=$REALV4" | ${pkgs.curl}/bin/curl -k -K -
+      '';
+    in ''
+      set -eu
+      out=$(${duckdns}/bin/duckdns)
+      ${pkgs.coreutils}/bin/echo "Sent new IP Address to DuckDNS: $out"
+    '';
+    serviceConfig = {
+      Type = "oneshot";
+      User = "root";
+    };
+  };
+}