{
  pkgs,
  lib,
  cfg,
}: {
  timers.fstrim = lib.mkIf cfg.ssd {
    wantedBy = ["timers.target"];
    wants = ["fstrim.service"];
    unitConfig = {
      Description = "Discard unused blocks once a week";
      Documentation = "man:fstrim";
      ConditionVirtualization = "!container";
      ConditionPathExists = "!/etc/initrd-release";
    };
    timerConfig = {
      OnCalendar = "weekly";
      AccuracySec = "1h";
      Persistent = "true";
      RandomizedDelaySec = "6000";
    };
  };
  services.fstrim = lib.mkIf cfg.ssd {
    wantedBy = lib.mkForce [];
    unitConfig = {
      Description = "Discard unused blocks on filesystems from /etc/fstab";
      Documentation = "man:fstrim(8)";
      ConditionVirtualization = "!container";
    };
    serviceConfig = {
      Type = "oneshot";
      ExecStart = "${pkgs.util-linux}/bin/fstrim --listed-in /etc/fstab:/proc/self/mountinfo --verbose --quiet-unsupported";
      PrivateDevices = "no";
      PrivateNetwork = "yes";
      PrivateUsers = "no";
      ProtectKernelTunables = "yes";
      ProtectKernelModules = "yes";
      ProtectControlGroups = "yes";
      MemoryDenyWriteExecute = "yes";
      SystemCallFilter = "@default @file-system @basic-io @system-service";
    };
  };
}