diff --git a/flake.lock b/flake.lock
index 02e9758..4f0a334 100644
--- a/flake.lock
+++ b/flake.lock
@@ -2,16 +2,16 @@
 "nodes": {
 "flake-parts": {
 "inputs": {
- "nixpkgs": [
+ "nixpkgs-lib": [
 "nixpkgs"
 ]
 },
 "locked": {
- "lastModified": 1655570068,
- "narHash": "sha256-KUSd2a6KgYTHd2l3Goee/P+DrAC6n1Tau+7V68czSZU=",
+ "lastModified": 1671322946,
+ "narHash": "sha256-J8Qj+ITV+eti+irTK9Zn2LZVYoIW2g7irPUckU8yZvU=",
 "owner": "hercules-ci",
 "repo": "flake-parts",
- "rev": "6dbc77b9c0477f8a9a6a9081077bb38c6a3dbb3a",
+ "rev": "3f7172646953bf86dad5953bc45f0edae62ac445",
 "type": "github"
 },
 "original": {
@@ -22,16 +22,15 @@
 },
 "nixpkgs": {
 "locked": {
- "lastModified": 1656938529,
- "narHash": "sha256-j9hgKLoZZVYl/06Y2GzAhovGzfiuLzV5HX4kFEl+dTU=",
- "owner": "Mic92",
+ "lastModified": 1671537075,
+ "narHash": "sha256-lAejYRUtM2SDTmHxcFLnx4W/P0URejhkl9DyqJ++PIc=",
+ "owner": "NixOS",
 "repo": "nixpkgs",
- "rev": "5f6d0be096ef78b0fd38c3211d17117457193b69",
+ "rev": "eb37a7f66312e845fba0b3cc7c36e727012b3dae",
 "type": "github"
 },
 "original": {
- "owner": "Mic92",
- "ref": "vault",
+ "owner": "NixOS",
 "repo": "nixpkgs",
 "type": "github"
 }
diff --git a/flake.nix b/flake.nix
index 8ad1ad1..ca80b8b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -3,17 +3,12 @@
 inputs = {
 flake-parts.url = "github:hercules-ci/flake-parts";
- flake-parts.inputs.nixpkgs.follows = "nixpkgs";
- # https://github.com/NixOS/nixpkgs/pull/180114
- nixpkgs.url = "github:Mic92/nixpkgs/vault";
+ flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
+ nixpkgs.url = "github:NixOS/nixpkgs";
 };
- outputs = {
- self,
- flake-parts,
- ...
- }:
- flake-parts.lib.mkFlake {inherit self;} {
+ outputs = inputs @ {flake-parts, ...}:
+ flake-parts.lib.mkFlake {inherit inputs;} {
 systems = ["x86_64-linux" "aarch64-linux"];
 perSystem = {
 config,
diff --git a/nix/checks/nixos-test.nix b/nix/checks/nixos-test.nix
index 6471740..efd42ff 100644
--- a/nix/checks/nixos-test.nix
+++ b/nix/checks/nixos-test.nix
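Review bot: In the flake.nix hunk, `nixpkgs.url = "github:NixOS/nixpkgs";` names no ref, so the input follows the repository's default branch and every `nix flake update` moves the lock to whatever commit is at its tip. The lock file still fixes the revision that is built, but a channel branch only advances after its test set has passed, which gives updates a known baseline; consider `nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";` or a release branch. A short comment above the input saying which branch is tracked and why would also replace the context that the removed pull-request link used to give. The `outputs` body continues past the end of the hunk.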
@@ -12,7 +12,11 @@ in {
 systemd-vaultd = makeTest' (import ./systemd-vaultd-test.nix);
 unittests = makeTest' {
 name = "unittests";
- nodes.server = {};
+ nodes.server = {
+ imports = [
+ ../modules/systemd-vaultd.nix
+ ];
+ };
 testScript = ''
 start_all()
diff --git a/nix/checks/systemd-vaultd-test.nix b/nix/checks/systemd-vaultd-test.nix
index 5ef7c83..b980a95 100644
--- a/nix/checks/systemd-vaultd-test.nix
+++ b/nix/checks/systemd-vaultd-test.nix
@@ -53,17 +53,6 @@
 };
 };
- systemd.package = pkgs.systemd.overrideAttrs (old: {
- patches =
- old.patches
- ++ [
- (pkgs.fetchpatch {
- url = "https://github.com/Mic92/systemd/commit/93a2921a81cab3be9b7eacab6b0095c96a0ae9e2.patch";
- sha256 = "sha256-7WlhMLE7sfD3Cxn6n6R1sUNzUOvas7XMyabi3bsq7jM=";
- })
- ];
- });
-
 services.vault.agents.default.settings = {
 vault = {
 address = "http://localhost:8200";
diff --git a/nix/checks/unittests.nix b/nix/checks/unittests.nix
index 994fe42..c9c4d00 100644
--- a/nix/checks/unittests.nix
+++ b/nix/checks/unittests.nix
@@ -4,9 +4,9 @@
 pkgs,
 lib,
 coreutils,
- systemd,
 }: let
 systemd-vaultd = pkgs.callPackage ../../default.nix {};
+ systemd = pkgs.callPackage ../pkgs/systemd.nix {};
 in
 writeShellScript "unittests" ''
 set -eu -o pipefail
diff --git a/nix/modules/systemd-vaultd.nix b/nix/modules/systemd-vaultd.nix
index aa42d5a..a574d84 100644
--- a/nix/modules/systemd-vaultd.nix
+++ b/nix/modules/systemd-vaultd.nix
@@ -10,6 +10,8 @@ in {
 ./vault-secrets.nix
 ];
+ systemd.package = pkgs.callPackage ../pkgs/systemd.nix {};
+
 systemd.sockets.systemd-vaultd = {
 description = "systemd-vaultd socket";
 wantedBy = ["sockets.target"];
diff --git a/nix/pkgs/systemd.nix b/nix/pkgs/systemd.nix
new file mode 100644
index 0000000..1ad18a8
--- /dev/null
+++ b/nix/pkgs/systemd.nix
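Review bot: In nix/modules/systemd-vaultd.nix, `systemd.package = pkgs.callPackage ../pkgs/systemd.nix {};` is set unconditionally and at normal priority, so every host that imports the module has its system systemd, PID 1 included, replaced by a locally patched build. A host that already sets `systemd.package` would get a conflicting-definition error. If `lib` is in scope here (the module header is outside the hunk), `systemd.package = lib.mkDefault (pkgs.callPackage ../pkgs/systemd.nix {});` keeps the patched build as the default while leaving room for an override. A comment such as `# patched systemd; see ../pkgs/systemd.nix for the patches and their upstream status` would tell an operator why the package is swapped. nix/checks/unittests.nix instantiates the same file separately, so the two call sites have to be kept in step by hand.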
@@ -0,0 +1,19 @@
+{
+ systemd,
+ fetchpatch,
+}:
+systemd.overrideAttrs (old: {
+ patches =
+ old.patches
+ ++ [
+ (fetchpatch {
+ url = "https://github.com/Mic92/systemd/commit/93a2921a81cab3be9b7eacab6b0095c96a0ae9e2.patch";
+ sha256 = "sha256-7WlhMLE7sfD3Cxn6n6R1sUNzUOvas7XMyabi3bsq7jM=";
+ })
+ # included in next release: https://github.com/systemd/systemd/pull/25721
+ (fetchpatch {
+ url = "https://github.com/systemd/systemd/commit/39ed2f02d0a00505fce34ce4281cc6e4f016ec6b.patch";
+ sha256 = "sha256-RD8GhOxzNNgC0KKThRaeF2uP8Y+Tt7kVSDtf1ukUwcI=";
+ })
+ ];
+})
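Review bot: The first `fetchpatch` entry has no comment saying what the patch changes or whether it has been submitted upstream, while the second links its pull request. For a patch applied to systemd, that context is what a later reviewer needs to audit it and to decide when it can be dropped. A line such as `# <what the patch changes>; upstream: <PR URL or "not submitted">` above the first entry would cover it. Its URL also points at a commit in a personal fork: the `sha256` fixes the content, but the build fails if that commit becomes unreachable, so keeping the patch file in this repository is worth considering. The second patch will have to be removed once the pinned nixpkgs ships a systemd release that contains it, which the existing comment could state explicitly.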