diff --git a/cluster/machines/modules/base.nix b/cluster/machines/modules/base.nix
index 9740d1d5..9ad36846 100644
--- a/cluster/machines/modules/base.nix
+++ b/cluster/machines/modules/base.nix
@@ -114,6 +114,13 @@ in {
   
     # Enable the OpenSSH daemon.
     services.openssh.enable = true;
+
+    # Enable fstrim, as we run / on SSDs everywhere.
+    services.fstrim = {
+      enable = true;
+      interval = "daily";
+    };
+
     users.users.root.openssh.authorizedKeys.keys = [
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD4VJXAXEHEXZk2dxNwehneuJcEGkfXG/U7z4fO79vDVIENdedtXQUyLyhZJc5RTEfHhQj66FwIqzl7mzBHd9x9PuDp6QAYXrkVNMj48s6JXqZqBvF6H/weRqFMf4a2TZv+hG8D0kpvmLheCwWAVRls7Jofnp/My+yDd57GMdsbG/yFEf6WPMiOnA7hxdSJSVihCsCSw2p8PD4GhBe8CVt7xIuinhutjm9zYBjV78NT8acjDUfJh0B1ODTjs7nuW1CC4jybSe2j/OU3Yczj4AxRxBNWuFxUq+jBo9BfpbKLh+Tt7re+zBkaicM77KM/oV6943JJxgHNBBOsv9scZE7 q3k@amnesia"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
diff --git a/cluster/machines/modules/kube-dataplane.nix b/cluster/machines/modules/kube-dataplane.nix
index 693d6333..7e2066f9 100644
--- a/cluster/machines/modules/kube-dataplane.nix
+++ b/cluster/machines/modules/kube-dataplane.nix
@@ -80,7 +80,9 @@ in {
         clusterDns = "10.10.12.254";
         kubeconfig = pki.kube.kubelet.config;
         extraOpts = ''
-          --read-only-port=0
+          --read-only-port=0 \
+          --image-gc-high-threshold=60 \
+          --image-gc-low-threshold=40
         '';
         package = config.hscloud.kube.packageKubelet;
       };