diff --git a/.sops.yaml b/.sops.yaml
index c318963..cf99a30 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -7,7 +7,7 @@ keys:
   - &A_sky age1g4j0hun2ttt7h8870zf5pm7nqgw9p23r6mjj9vpm4guqetvth34s8v3t3w
   - &S_tofu age1mfsjys8gzazkzurcpz2grcdljmzq0zvsllk8j7ssse6wt52jrglq5t59u8
   - &S_observer age1hc8vdkk34rqfnlxm6xuzwyyl63r24f2xkkjfrfxzv3aveglklfmsxgll9q
-  - &S_graylog age100esdvd2n4fqzg5f233mct6u8hu3j4m5ed676fqx0r2xmnu25fjs8hpz8e
+  - &S_graylog age1jp77cvhn0guu4n9rtg0pz354zvuccurh6n3xqrc35yaxx93asv9qfpkk6
 creation_rules:
   - path_regex: secrets\.yaml
     key_groups:
diff --git a/configurations/nixos/graylog-tofu/default.nix b/configurations/nixos/graylog-tofu/default.nix
index 825a790..a086028 100644
--- a/configurations/nixos/graylog-tofu/default.nix
+++ b/configurations/nixos/graylog-tofu/default.nix
@@ -25,9 +25,9 @@ in
     ];
 
   sops.secrets.graylog = {
-    mode = "0400";
-    owner = "graylog";
-    group = "graylog";
+    mode = "0444";
+    # owner = "graylog";
+    # group = "graylog";
   };
 
   systemd.services.graylog = {