diff --git a/modules/system/sops.nix b/modules/system/sops.nix
index a63f45e..d3c9767 100644
--- a/modules/system/sops.nix
+++ b/modules/system/sops.nix
@@ -17,23 +17,6 @@ in
 defaultSopsFormat = "yaml";
 age.keyFile = "/home/blake/.config/sops/age/keys.txt";
- secrets = {
- # define secrets with the following syntax
- # secret path is the nesting of headings in the yaml file
- # the secret is auto place in /run/ path allows you to symlink to the /run to where ever is needed
- # "" = {
- # owner = "";
- # group = "";
- # path = ""
- # };
-
- "tailscale_authkey" = lib.mkIf config.modules.system.tailscale.enable {
- owner = "root";
- };
- "borg_passwd" = lib.mkIf config.modules.system.backups.enable {
- owner = "root";
- group = "root";
- };
 "blake_passwd" = lib.mkIf config.users.blake.enable {
 owner = "root";
diff --git a/modules/system/tailscale.nix b/modules/system/tailscale.nix
index b576664..a4c67f6 100644
--- a/modules/system/tailscale.nix
+++ b/modules/system/tailscale.nix
@@ -15,5 +15,10 @@ in
 useRoutingFeatures = "both";
 authKeyFile = authkey_file;
 };
+ # declare authkey secrets
+ sops.secrets = {
+ "tailscale_authkey" = {
+ owner = "root";
+ };
 };
 }
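Review bot: The added block in modules/system/tailscale.nix opens two attribute sets (`sops.secrets = {` and `"tailscale_authkey" = {`) but adds only one `};`, so unless the file was already unbalanced it no longer parses; add a second `};` right after the one that closes `"tailscale_authkey"`. The sops.nix hunk looks like the mirror case: it deletes `secrets = {` but keeps `"blake_passwd"`, which would put that entry directly under the parent set instead of `sops.secrets` and presumably leaves an unmatched `};` below the hunk. `borg_passwd` is removed with no replacement declaration visible in this diff, so anything that still reads `config.sops.secrets.borg_passwd.path` would fail to evaluate; confirm the backups module now declares it. The old entry was wrapped in `lib.mkIf config.modules.system.tailscale.enable`, and the enclosing block starts above this hunk, so check that the new declaration still sits under the module's enable guard and that hosts without Tailscale are not made to decrypt the auth key.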