diff --git a/flake.lock b/flake.lock index f37b204..40a3065 100644 --- a/flake.lock +++ b/flake.lock @@ -296,6 +296,20 @@ "type": "github" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1758763312, + "narHash": "sha256-puBMviZhYlqOdUUgEmMVJpXqC/ToEqSvkyZ30qQ09xM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e57b3b16ad8758fd681511a078f35c416a8cc939", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, "nixvim": { "inputs": { "flake-parts": "flake-parts_2", @@ -393,6 +407,27 @@ "type": "github" } }, + "pyproject-nix_2": { + "inputs": { + "nixpkgs": [ + "timecard-bot", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758265079, + "narHash": "sha256-amLaLNwKSZPShQHzfgmc/9o76dU8xzN0743dWgvYlr8=", + "owner": "nix-community", + "repo": "pyproject.nix", + "rev": "02e9418fd4af638447dca4b17b1280da95527fc9", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "pyproject.nix", + "type": "github" + } + }, "root": { "inputs": { "authentik-nix": "authentik-nix", @@ -400,7 +435,8 @@ "home-manager": "home-manager", "nixpkgs": "nixpkgs_2", "nixvim": "nixvim", - "sops-nix": "sops-nix" + "sops-nix": "sops-nix", + "timecard-bot": "timecard-bot" } }, "sops-nix": { @@ -466,6 +502,26 @@ "type": "github" } }, + "timecard-bot": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "pyproject-nix": "pyproject-nix_2" + }, + "locked": { + "lastModified": 1758911329, + "narHash": "sha256-ZYAG5ZegC+NjH59Jgmi1lyn2UyyVHzvC3UVm99wIE4M=", + "owner": "Gleipnir-Technology", + "repo": "timecard-bot", + "rev": "8c81b6683f97aa2712323836e629adf102be58ac", + "type": "github" + }, + "original": { + "owner": "Gleipnir-Technology", + "repo": "timecard-bot", + "rev": "8c81b6683f97aa2712323836e629adf102be58ac", + "type": "github" + } + }, "uv2nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index a65bb90..7d45688 100644 --- a/flake.nix +++ b/flake.nix 
@@ -19,9 +19,10 @@ inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix.url = "github:Mic92/sops-nix"; + timecard-bot.url = "github:Gleipnir-Technology/timecard-bot?rev=8c81b6683f97aa2712323836e629adf102be58ac"; }; - outputs = { self, authentik-nix, disko, home-manager, nixpkgs, nixvim, sops-nix, ...}: + outputs = { self, authentik-nix, disko, home-manager, nixpkgs, nixvim, sops-nix, timecard-bot, ...}: let configFiles = pkgs.stdenv.mkDerivation { name = "config-files"; @@ -37,7 +38,7 @@ nixosConfigurations = { corp = import ./system.nix { configuration = ./host/corp/configuration.nix; - inherit authentik-nix configFiles disko home-manager nixpkgs nixvim sops-nix system; + inherit authentik-nix configFiles disko home-manager nixpkgs nixvim sops-nix system timecard-bot; }; "sync.nidus.cloud" = import ./system.nix { configuration = ./host/sync/configuration.nix; diff --git a/modules/system/timecardbot.nix b/modules/system/timecardbot.nix index b115182..aa01617 100644 --- a/modules/system/timecardbot.nix +++ b/modules/system/timecardbot.nix 
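Review bot: The `timecard-bot` input added in the first hunk has no `inputs.nixpkgs.follows`, although another input in the same block sets `inputs.nixpkgs.follows = "nixpkgs";`. As a result the lock file in this commit gains `nixpkgs_4`, resolved from an indirect registry reference and pinned at its own revision, so the bot's closure is built from a second package set that has to be kept patched separately from the host's. If the bot builds against the host's nixpkgs, add `timecard-bot.inputs.nixpkgs.follows = "nixpkgs";` next to the `url` line; `pyproject-nix_2` already follows `timecard-bot/nixpkgs` and would come along. The `inputs` block starts above the hunk.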
@@ -1,21 +1,43 @@ -{ pkgs, lib, config, ... }: +{ config, lib, pkgs, timecard-bot, ... }: with lib; let - timecardBotSrc = pkgs.fetchFromGitHub { - owner = "Gleipnir-Technology"; - repo = "timecard-bot"; - rev = "00b2850655295513c1e99a519d1d59c3b9847122"; - sha256 = "1f78jm3jgzwzc69q1h9nplmcbz5hb9l74phyhzkbfjb99n3vrf1q"; - }; - timecardBotFlake = (import timecardBotSrc); - timecardBotPackage = timecardBotFlake.packages.${pkgs.system}.default; + timecard-bot-pkg = timecard-bot.packages.x86_64-linux.default; in { options.myModules.timecardbot.enable = mkEnableOption "custom timecardbot configuration"; config = mkIf config.myModules.timecardbot.enable { - #environment.systemPackages = with pkgs; [ - #timecardBotPackage - #]; + environment.systemPackages = with pkgs; [ + timecard-bot-pkg + ]; + sops.secrets.timecarder-env = { + format = "dotenv"; + group = "timecarder"; + mode = "0440"; + owner = "timecarder"; + restartUnits = ["timecarder.service"]; + sopsFile = ../../secrets/timecarder.env; + }; + systemd.services.timecarder = { + after=["network.target" "network-online.target"]; + description="Timecarder Matrix bot"; + requires=["network-online.target"]; + serviceConfig = { + EnvironmentFile="/var/run/secrets/timecarder-env"; + Type = "simple"; + User = "timecarder"; + Group = "timecarder"; + ExecStart = "${timecard-bot-pkg}/bin/timecardbot"; + TimeoutStopSec = "5s"; + PrivateTmp = true; + WorkingDirectory = "/tmp"; + }; + wantedBy = ["multi-user.target"]; + }; + users.groups.timecarder = {}; + users.users.timecarder = { + group = "timecarder"; + isSystemUser = true; + }; }; } diff --git a/secrets/timecarder.env b/secrets/timecarder.env new file mode 100644 index 0000000..6c050bb --- /dev/null +++ b/secrets/timecarder.env 
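Review bot: The `timecarder` service holds `BOT_TOKEN` and talks to the network, yet `serviceConfig` sandboxes it with `PrivateTmp` only, and `EnvironmentFile` is a hand-written `/var/run/secrets/...` string rather than the path sops-nix exports. Referencing `config.sops.secrets.timecarder-env.path` keeps the unit correct if the secret's location changes, and the hardening options below limit what a compromised bot process can reach. If the bot writes state outside `/tmp`, it will need a `StateDirectory` once `ProtectSystem = "strict"` is set. systemd appears to read `EnvironmentFile` before switching to `User=`, so the secret could probably stay root-owned with mode `0400` instead of the group-readable `0440`; this is worth confirming on the host.

```nix
serviceConfig = {
  # Take the path from sops-nix instead of repeating it as a string.
  EnvironmentFile = config.sops.secrets.timecarder-env.path;
  # … unchanged: Type, User, Group, ExecStart, TimeoutStopSec, PrivateTmp, WorkingDirectory …
  NoNewPrivileges = true;
  ProtectSystem = "strict";
  ProtectHome = true;
  PrivateDevices = true;
  ProtectKernelTunables = true;
  ProtectControlGroups = true;
  RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
};
```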
@@ -0,0 +1,17 @@ +BOT_TOKEN=ENC[AES256_GCM,data:Mn5/BuGWUBA+ZizmK30S7Tn4ODLQh7FQqBHXcNY1sRaZExLUPfqeBclR9CuYRw==,iv:ZnxqYf9N/HkwZoqZnYQymbG61IE5H6oq2qDZd2HOY0w=,tag:KyTV+qfC/vMwfZKLeOyNCw==,type:str] +sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqRlgxVmdibWFKaGVGN0Y5\nMmJIZk9ITzY2MWkyNFc5a1YvVW5hUGwvZG44CmQyY1U4ZWRjeERHMVZ4cHFVS3d0\nKy9ORzkwMUo1RllNMWFJSEpRSElQWm8KLS0tIEQ0VEFuVlg2WHJFb3dLb1VDTGJo\neXFlcUpUeitCQ1dCUHowSVkrL0dPem8Kiivb89r+yOaE8qZsL8EA2GLvV+NUXikX\nps+wt1zwkzQpB3wBAQQaVdhlkMkOD50i2IwjpSBhe/1xY+SxlPwEFw==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_0__map_recipient=age1fnkhk9rv7r8gh84vxnhvndk4fgh20qcj4hvnfhdpumcydl6m6vrse50lrz +sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwYlAzekFuQmZSUmEvRkFT\nUVdObXdnbFRCQ3ZYYWhWN0FLNUpCMW1SSVJvCldBUDFVQjdDMGNLSTNBaGdEamw4\nbWIwbFY4bk9jbGwyR3hWWkJtNDlkaGMKLS0tIGNKam5VQ3pFSUFPV29mVHVScEdm\nVHZSTllMaUFOVERJVXF2bkF3Y083YkkKBL8HX6n6qqENXlPBa+OzWRt8NmEyvNyQ\nf2EP9S3y1nb89uNUi8I71MmNLAqeBWm5yjiGkHf278oObbiwy74Z/Q==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_1__map_recipient=age1x704pjnueguchkl54ly8w4w26ltys5900v7xnl7w3zlgasus09jszz45t8 +sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsdlFhZjFQT3FnQVUyYzNF\nTkFVd1ZpbUNPaTcwT0txMXpzQngzVXhLNTNzCmR5RjFVRjZiS3ZCMlQycTVZTHlX\nY1U3RzdaWDhVOFVOVER3aEN3U2dsZlUKLS0tIEZqUFNyTUpYYmtSUFI4T3ZGdFI0\ncTZSM2JjbTk2OE1DbmR4L0E1ZVNQeGcKKCnTIyCpwntmooj7+LW4dv4avBXiuTQQ\nVI0mcZEKqFA5MlmOdCCPPQHUxoHWEyVxNA99pLBHeFEdf9CgOUEpUA==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_2__map_recipient=age15y4k929zaj9fdg3vd40pa40tgvrgv9mn22xfummn5zxfmkcw5d0st6prjx +sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED 
FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnT1FzMjRuMElNQ1NQc3Q3\nUXRIQ09ITGh6WDNtY3VKSVU0enQvV2pVcEQwCmhlQkFEeWVKTWRMUVVZN1FCTTV0\nVGlVb0VIbUdGc1d6R0w2Z3NGUEJjZEUKLS0tIGpxZE5EUUxRSkE2MmRoT3NYRjlJ\nTU9vdGxsTkthNlBiNGVLYVFNZHNDOWcKGUGezk+wXb9RgtYs9VT/SvZCvlwGC+vV\nufmvpZIr9CGcy/xZc0iewes2QEEUe8BV81aEIoFQJ6K+8e5kPIbSIw==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_3__map_recipient=age1ck44jqpuz3zlthquvuh7wsemrjrgfzhn462sk7rlfetwxpgy0uqs79xn2h +sops_age__list_4__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5dkpJblVyMmR5Z0pGclpx\nOGFFTGMrSEpVNXkyZit6Vzl0ZUFoU1pQTEZjCkZqT3RjRkNnZVYzU21UazZ2YVNx\nTDNNdE53KzRUYUJUb2pBSytMenlmUUEKLS0tIFV0Y2NSekx6ZC9GM09NU2pWRGFO\nNy9jaUl6TnpJbmZJRS9idnVPOWk5cTgKR3+9ohXjvKgJ+rHNn33Z4O8736KGY9Qu\nrXr5f6TKxiCOZCOw8sB/A6kNwb7FwZauiz3LD/8vhWfQyszla7jEBA==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_4__map_recipient=age1t3ryfktuhr3cysf49m9q2n8fkjf9ajjjnhztxw9hz8paxgk4lpcq065jge +sops_age__list_5__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3cnorR0R2RzdYU2xqN0FU\naEUrQXJER3ZwSG43cWlyVmM1QVNhNFd4V2p3CnpaV045ZHFIMU1EQkNieWk1NFFB\ncDJFVmRYaTRWL3BLVWRybVV3S09ma0EKLS0tIElsMHFmUWZTdUIyRHdrZzQ2RHlz\ncFhBR0xjNnZYZk1MdFoycVM3dyt3WkUKEl2wDC96dJMP7VDZ4VTzYgyU4X7OZjZ9\noEnFbLrLpjiaP6pCbCJdRyvuNZ+rV4PsuZqejle4fkS/sVfEn95Wbg==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_5__map_recipient=age1j90h7hcp4fctr2xwj4zf9cxuelm43wkujvryc9hk6rzzc37rwdmss035w7 +sops_lastmodified=2025-09-26T18:30:47Z +sops_mac=ENC[AES256_GCM,data:fFI//XwovLeT8M40kzb4Lr9lCl+7ZVEARxj1OsaMbKMgJq/x5sfecPjKtEMHdj5lcPbKsOJ0bjr9eN1/6RQ2pzJECXgDcs3c4jdofvANHDrtiUXjwv4BZ7gUdTVYsSpPHWO2SUAehjWHGEczkQUm+5/U1fJ1DtaKGzv3euvqB3o=,iv:OHn4abMYhEeHjhK1heyUwwVjv3WEpolfpYNu5Psl7rg=,tag:BLKZzuqtDuT7SM3NvTGTzg==,type:str] +sops_unencrypted_suffix=_unencrypted +sops_version=3.10.2 diff --git a/system.nix b/system.nix index 97e1513..2449662 100644 --- a/system.nix +++ b/system.nix 
@@ -1,4 +1,4 @@ -{ authentik-nix, configFiles, configuration, disko, home-manager, nixpkgs, nixvim, sops-nix, system, ... }: +{ authentik-nix, configFiles, configuration, disko, home-manager, nixpkgs, nixvim, sops-nix, system, timecard-bot, ... }: let allowed-unfree-packages = [ "corefonts" @@ -37,7 +37,7 @@ in nixpkgs.lib.nixosSystem { system = "${system}"; }; specialArgs = { - inherit configFiles; + inherit configFiles timecard-bot; }; system = "${system}"; }
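Review bot: `timecard-bot` becomes a required argument of `system.nix` in the first hunk, but the `flake.nix` part of this commit adds it only to the `corp` call. The `"sync.nidus.cloud"` call's `inherit` line lies outside that hunk and looks unchanged, so that host would presumably fail to evaluate with a missing-argument error and could not be rebuilt until this is fixed. Either inherit `timecard-bot` in the sync call as well, or give the argument a default here, for example `timecard-bot ? null`. The second hunk then exposes the flake to every module through `specialArgs`, which is fine as long as only `timecardbot.nix` reads it.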