diff --git a/configurations/nixos/tofu/default.nix b/configurations/nixos/tofu/default.nix
index d915261..74ecfbd 100644
--- a/configurations/nixos/tofu/default.nix
+++ b/configurations/nixos/tofu/default.nix
@@ -16,6 +16,14 @@ in
     self.nixosModules.default
     "${modulesPath}/virtualisation/lxc-container.nix"
   ];
+  sops.secrets = {
+    otfenv = {
+      owner = "otf";
+      group = "otf";
+      mode = "0550";
+    };
+  };
+
   services = {
     tty-ips.enable = true;
     otf = {
diff --git a/modules/nixos/common/sops.nix b/modules/nixos/common/sops.nix
index b63d766..b55e309 100644
--- a/modules/nixos/common/sops.nix
+++ b/modules/nixos/common/sops.nix
@@ -11,12 +11,6 @@
   ];
   sops = {
     defaultSopsFile = ../../../secrets.yaml;
-    secrets = {
-      otfenv = {
-        owner = "otf";
-        group = "otf";
-        mode = "0550";
-      };
-    };
+
   };
 }