diff --git a/nixos/modules/virtualisation/google-compute-image.nix b/nixos/modules/virtualisation/google-compute-image.nix
index 9a4d11d550a1..697423ac60be 100644
--- a/nixos/modules/virtualisation/google-compute-image.nix
+++ b/nixos/modules/virtualisation/google-compute-image.nix
@@ -121,19 +121,6 @@ in
 
   networking.usePredictableInterfaceNames = false;
 
-  systemd.services.wait-metadata-online = {
-    description = "Wait for GCE metadata server to become reachable";
-    wantedBy = [ "network-online.target" ];
-    before = [ "network-online.target" ];
-    path = [ pkgs.netcat ];
-    script = ''
-      # wait for the metadata server to become available for up to 60 seconds
-      for counter in {1..30}; do sleep 2 && nc -vzw 2 metadata 80 && break; done
-    '';
-    serviceConfig.Type = "oneshot";
-    serviceConfig.RemainAfterExit = true;
-  };
-
   systemd.services.fetch-ssh-keys =
     { description = "Fetch host keys and authorized_keys for root user";
 
@@ -142,14 +129,15 @@ in
       after = [ "network-online.target" ];
       wants = [ "network-online.target" ];
 
-      path  = [ pkgs.curl ];
+      path  = [ pkgs.wget ];
       script =
         ''
+          wget="wget --retry-connrefused -t 6 --waitretry=10"
           # Don't download the SSH key if it has already been downloaded
           if ! [ -e /root/.ssh/authorized_keys ]; then
                 echo "obtaining SSH key..."
                 mkdir -p /root/.ssh
-                curl -o /root/authorized-keys-metadata http://metadata/0.1/meta-data/authorized-keys
+                $wget -O /root/authorized-keys-metadata http://metadata/0.1/meta-data/authorized-keys
                 if [ $? -eq 0 -a -e /root/authorized-keys-metadata ]; then
                     cat /root/authorized-keys-metadata | cut -d: -f2- > /root/key.pub
                     if ! grep -q -f /root/key.pub /root/.ssh/authorized_keys; then
@@ -162,7 +150,7 @@ in
           fi
 
           echo "obtaining SSH private host key..."
-          curl -o /root/ssh_host_ecdsa_key  --retry-max-time 60 http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key
+          $wget -O /root/ssh_host_ecdsa_key  http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key
           if [ $? -eq 0 -a -e /root/ssh_host_ecdsa_key ]; then
               mv -f /root/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key
               echo "downloaded ssh_host_ecdsa_key"
@@ -170,7 +158,7 @@ in
           fi
 
           echo "obtaining SSH public host key..."
-          curl -o /root/ssh_host_ecdsa_key.pub --retry-max-time 60 http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key_pub
+          $wget -O /root/ssh_host_ecdsa_key.pub http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key_pub
           if [ $? -eq 0 -a -e /root/ssh_host_ecdsa_key.pub ]; then
               mv -f /root/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub
               echo "downloaded ssh_host_ecdsa_key.pub"
@@ -179,7 +167,7 @@ in
         '';
       serviceConfig.Type = "oneshot";
       serviceConfig.RemainAfterExit = true;
+      serviceConfig.StandardError = "journal+console";
+      serviceConfig.StandardOutput = "journal+console";
      };
-
-
 }