diff --git a/roles/archweb/defaults/main.yml b/roles/archweb/defaults/main.yml
index d28dfc63f175faaa8b89eb4d2f5cc2afcef20504..0549cefb6a8ee37c94b827a13e46a9aa47e7ee79 100644
--- a/roles/archweb/defaults/main.yml
+++ b/roles/archweb/defaults/main.yml
@@ -13,7 +13,7 @@ archweb_domains_templates:
 archweb_allowed_hosts: ["{{ archweb_domain }}", 'ipxe.archlinux.org']
 archweb_nginx_conf: '/etc/nginx/nginx.d/archweb.conf'
 archweb_repository: 'https://github.com/archlinux/archweb.git'
-archweb_version: release_2020-06-05
+archweb_version: release_2020-06-29
 archweb_pgp_key: ['E499C79F53C96A54E572FEE1C06086337C50773E']
 archweb_site: true
 archweb_mirrorcheck: false
diff --git a/roles/archweb/tasks/main.yml b/roles/archweb/tasks/main.yml
index adbf78c7c6e66a678f46be9d7ad99c9eacd3894c..30f57ffa0264475b75bb761b0a02f39caf552c8a 100644
--- a/roles/archweb/tasks/main.yml
+++ b/roles/archweb/tasks/main.yml
@@ -177,6 +177,18 @@
 - daemon reload
 when: archweb_planet
+- name: install rebuilderd status service
+ template: src="archweb-rebuilderd.service.j2" dest="/etc/systemd/system/archweb-rebuilderd.service" owner=root group=root mode=0644
+ notify:
+ - daemon reload
+ when: archweb_site
+
+- name: install rebulderd timer
+ template: src="archweb-rebuilderd.timer.j2" dest="/etc/systemd/system/archweb-rebuilderd.timer" owner=root group=root mode=0644
+ notify:
+ - daemon reload
+ when: archweb_site
+
 - name: install pgp_import service
 template: src="archweb-pgp_import.service.j2" dest="/etc/systemd/system/archweb-pgp_import.service" owner=root group=root mode=0644
 notify:
@@ -292,6 +304,10 @@
 service: name="archweb-planet.timer" enabled=yes state=started
 when: archweb_planet
+- name: start and enable archweb rebulderd update timer
+ service: name="archweb-rebuilderd.timer" enabled=yes state=started
+ when: archweb_site
+
 - name: start and enable archweb donor_import and archweb-dump_donor_mail timer
 systemd:
 name: "{{ item }}"
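Review bot: Two of the new task names in roles/archweb/tasks/main.yml misspell the service as `rebulderd`: `install rebulderd timer` in the @@ -177 hunk and `start and enable archweb rebulderd update timer` in the @@ -292 hunk. The unit files and the first added task spell it `rebuilderd`, so searching play output or the role for that name misses these two tasks. Rename them to `install rebuilderd timer` and `start and enable archweb rebuilderd update timer`. Separately, `state=started` is a no-op once the timer is already running, so a later change to the timer template would probably not take effect until the timer is restarted. The `daemon reload` handler is defined outside these hunks, so confirm whether a restart is wanted there.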
diff --git a/roles/archweb/templates/archweb-rebuilderd.service.j2 b/roles/archweb/templates/archweb-rebuilderd.service.j2
new file mode 100644
index 0000000000000000000000000000000000000000..62cffeb9450c3f507bdc785ee3e87c0f07fc362a
--- /dev/null
+++ b/roles/archweb/templates/archweb-rebuilderd.service.j2
@@ -0,0 +1,27 @@
+[Unit]
+Description=archweb update rebuilderd status service
+After=network.target
+
+[Service]
+Type=oneshot
+User=archweb
+WorkingDirectory={{ archweb_dir }}
+ExecStart={{ archweb_dir }}/env/bin/python manage.py read_reproducible_status -v3
+
+ProtectSystem=full
+PrivateTmp=true
+PrivateDevices=true
+
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+
+NoNewPrivileges=true
+RestrictRealtime=true
+# Unable to enable due to https://cffi.readthedocs.io/en/latest/using.html#callbacks
+#MemoryDenyWriteExecute=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/archweb/templates/archweb-rebuilderd.timer.j2 b/roles/archweb/templates/archweb-rebuilderd.timer.j2
new file mode 100644
index 0000000000000000000000000000000000000000..38a79c696ec1ac11a3bcd6e84240cca54f0ba8a9
--- /dev/null
+++ b/roles/archweb/templates/archweb-rebuilderd.timer.j2
@@ -0,0 +1,10 @@
+[Unit]
+Description=archweb rebuilderd timer
+
+[Timer]
+OnUnitActiveSec=60m
+OnBootSec=15min
+RandomizedDelaySec=1min
+
+[Install]
+WantedBy=timers.target
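Review bot: The sandboxing block in archweb-rebuilderd.service.j2 sets no capability, address-family or home-directory restrictions, although `read_reproducible_status` presumably parses data fetched from a remote rebuilderd instance. After `RestrictRealtime=true`, consider adding `CapabilityBoundingSet=`, `RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX` and `ProtectHome=true`. The last one only works if `archweb_dir` is not under /home, and each should be tested because the command's database access path is not visible here. If the command writes only to the database, `ProtectSystem=strict` with an explicit `ReadWritePaths=` would be tighter than `full`. A short comment above the block saying which of these directives were tried and rejected, like the existing one for `MemoryDenyWriteExecute`, would help the next person tightening the unit.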