diff --git a/modules/nixos/services/cloudflared.nix b/modules/nixos/services/cloudflared.nix
index 457d5ac..03d99a9 100644
--- a/modules/nixos/services/cloudflared.nix
+++ b/modules/nixos/services/cloudflared.nix
@@ -1,8 +1,8 @@
-{ pkgs, inputs, ... }: 
-let
-  secrets = import ../../../secrets/secrets.nix;
-in 
+{ lib, config, pkgs, inputs, ... }: 
 {
+  imports = [
+    ../../../secrets/secrets.nix 
+  ];
 
   users.users.cloudflared = {
     group = "cloudflared";
@@ -14,7 +14,7 @@ in
     wantedBy = [ "multi-user.target" ];
     after = [ "network-online.target" "systemd-resolved.service" ];
     serviceConfig = {
-      ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --token=${secrets.cloudflared.nyx.token}";
+      ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --token=${sops.secrets.cloudflared.nyx.token}";
       Restart = "always";
       User = "cloudflared";
       Group = "cloudflared";
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 19c6c81..0e5e705 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,12 +1,14 @@
-{ pkgs, inputs, config, ... }:
+{ inputs, lib, ... }: 
 {
-  imports = [
-    inputs.sops-nix.nixosModules.sops
-  ];
+  imports = [ inputs.sops-nix.nixosModules.sops ];
 
   sops = {
     defaultSopsFile = ./secrets.yaml;
     defaultSopsFormat = "yaml";
     age.keyFile = "/home/pingu/.config/sops/age/keys.txt";
+
+    secrets = {
+      cloudflared.nyx.token = {};
+    };
   };
 }