1 files changed, 4 insertions, 4 deletions

diff --git a/hosts/surtr/bifrost/default.nix b/hosts/surtr/bifrost/default.nix
index 790af94a..bdedf5b6 100644
--- a/hosts/surtr/bifrost/default.nix
+++ b/hosts/surtr/bifrost/default.nix
@@ -14,7 +14,7 @@ in {
             Kind = "wireguard";
           };
           wireguardConfig = {
-            PrivateKeyFile = config.sops.secrets.bifrost.path;
+            PrivateKeyFile = "/run/credentials/systemd-networkd.service/bifrost.priv";
             ListenPort = 51822;
           };
           wireguardPeers = [
@@ -49,12 +49,12 @@ in {
         };
       };
     };
+    systemd.services."systemd-networkd".serviceConfig.LoadCredential = [
+      "bifrost.priv:${config.sops.secrets.bifrost.path}"
+    ];
     sops.secrets.bifrost = {
       format = "binary";
       sopsFile = ./surtr.priv;
-      mode = "0640";
-      owner = "root";
-      group = "systemd-network";
     };
   };
 }