diff --git a/roles/docker/files/docker-cleanup.service b/roles/docker/files/docker-cleanup.service
new file mode 100644
index 0000000..c3a4806
--- /dev/null
+++ b/roles/docker/files/docker-cleanup.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=cleanup unused docker data
+After=network-online.target docker.service
+Wants=network-online.target docker.service
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/docker system prune --all --force
diff --git a/roles/docker/files/docker-cleanup.timer b/roles/docker/files/docker-cleanup.timer
new file mode 100644
index 0000000..7acbb9d
--- /dev/null
+++ b/roles/docker/files/docker-cleanup.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=cleanup unused docker data every day
+
+[Timer]
+OnCalendar=daily
+RandomizedDelaySec=1h
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/docker/handlers/main.yaml b/roles/docker/handlers/main.yaml
new file mode 100644
index 0000000..ada2426
--- /dev/null
+++ b/roles/docker/handlers/main.yaml
@@ -0,0 +1,4 @@
+- name: systemd daemon reload
+  ansible.builtin.systemd_service:
+    daemon_reload: true
+  become: true
diff --git a/roles/docker/tasks/main.yaml b/roles/docker/tasks/main.yaml
index 8c8044d..ae08dcd 100644
--- a/roles/docker/tasks/main.yaml
+++ b/roles/docker/tasks/main.yaml
@@ -9,3 +9,7 @@
 - name: Ensure Docker daemon configuration
   ansible.builtin.import_tasks:
     file: main/03_docker_config.yaml
+
+- name: Ensure automatic cleanup of unused Docker data is set up
+  ansible.builtin.import_tasks:
+    file: main/04_docker_auto_cleanup.yaml
diff --git a/roles/docker/tasks/main/04_docker_auto_cleanup.yaml b/roles/docker/tasks/main/04_docker_auto_cleanup.yaml
new file mode 100644
index 0000000..ed43bfc
--- /dev/null
+++ b/roles/docker/tasks/main/04_docker_auto_cleanup.yaml
@@ -0,0 +1,28 @@
+- name: ensure systemd service exists
+  ansible.builtin.copy:
+    src: docker-cleanup.service
+    dest: /etc/systemd/system/docker-cleanup.service
+    owner: root
+    group: root
+    mode: "0644"
+  become: true
+  notify:
+    - systemd daemon reload
+
+- name: ensure systemd timer exists
+  ansible.builtin.copy:
+    src: docker-cleanup.timer
+    dest: /etc/systemd/system/docker-cleanup.timer
+    owner: root
+    group: root
+    mode: "0644"
+  become: true
+  notify:
+    - systemd daemon reload
+
+- name: ensure systemd timer is started and enabled
+  ansible.builtin.systemd_service:
+    name: docker-cleanup.timer
+    state: started
+    enabled: true
+  become: true
diff --git a/roles/docker_compose/tasks/main.yaml b/roles/docker_compose/tasks/main.yaml
index 5883716..bf02828 100644
--- a/roles/docker_compose/tasks/main.yaml
+++ b/roles/docker_compose/tasks/main.yaml
@@ -108,11 +108,3 @@
     minute: "0"
     hour: "5"
     job: "cd /ansible_docker_compose; docker compose pull && docker compose up -d"
-
-- name: ensure automatic cleanup cron job is present
-  become: true
-  ansible.builtin.cron:
-    name: 'ansible docker compose auto cleanup'
-    minute: "23"
-    hour: "4"
-    job: "docker system prune -a -f"