diff --git a/hosts/sid/services/nginx.nix b/hosts/sid/services/nginx.nix
index 0cbeb6c..4ee8c2b 100644
--- a/hosts/sid/services/nginx.nix
+++ b/hosts/sid/services/nginx.nix
@@ -51,6 +51,8 @@ in
       credentialsFile = config.sops.templates.hetzner-dns-api-key.path;
     };
   };
+  sops.secrets.hetzner-dns-api-key = { };
+  sops.templates.hetzner-dns-api-key.content = "HETZNER_API_TOKEN=${config.sops.placeholder.hetzner-dns-api-key}";
 
   services.nginx = {
     enable = true;
@@ -112,18 +114,4 @@ in
     #   };
     # };
   };
-
-  sops =
-    let
-      owner = "acme";
-      group = "acme";
-      mode = "0400";
-    in
-    {
-      secrets.hetzner-dns-api-key = { inherit owner group mode; };
-      templates.hetzner-dns-api-key = {
-        inherit owner group mode;
-        content = "HETZNER_API_TOKEN=${config.sops.placeholder.hetzner-dns-api-key}";
-      };
-    };
 }