diff --git a/machines/desko/default.nix b/machines/desko/default.nix
index 59051baf7..08ea8e7c7 100644
--- a/machines/desko/default.nix
+++ b/machines/desko/default.nix
@@ -6,6 +6,8 @@
 
   sane.gui.sway.enable = true;
   sane.services.duplicity.enable = true;
+  sane.services.nixserve.enable = true;
+  sane.services.nixserve.sopsFile = ../../secrets/desko.yaml;
   sane.impermanence.enable = true;
 
   boot.loader.efi.canTouchEfiVariables = false;
diff --git a/modules/services/nixserve.nix b/modules/services/nixserve.nix
index 446036b53..ee8f09185 100644
--- a/modules/services/nixserve.nix
+++ b/modules/services/nixserve.nix
@@ -13,6 +13,10 @@ in
       default = false;
       type = types.bool;
     };
+    sane.services.nixserve.sopsFile = mkOption {
+      default = ../../secrets/servo.yaml;
+      type = types.path;
+    };
   };
 
   config = mkIf cfg.enable {
@@ -22,7 +26,7 @@ in
     };
 
     sops.secrets.nix_serve_privkey = {
-      sopsFile = ../../secrets/servo.yaml;
+      sopsFile = cfg.sopsFile;
     };
   };
 }
diff --git a/secrets/desko.yaml b/secrets/desko.yaml
index b0f84091f..8ef3d98b1 100644
--- a/secrets/desko.yaml
+++ b/secrets/desko.yaml
@@ -1,4 +1,6 @@
 duplicity_passphrase: ENC[AES256_GCM,data:rzUfcxe5YPloOrqgVwdCjsccexWc5RvmFf1i3Xs459iVTfWHlVJeT/IqReY6ZqdAkPJteTtrUZzak2GXyRUkE13+W0kE8isnDjPX/YDQwoK2sa+dwc4xGTekboc0gf6HH3vQpF1aiJDBfb3GtGyDVLH9MVIRPJGXSztZBduUDezA2wAx2wI=,iv:EHJg8kE/07v+ySSFDtW4FA4y1y/+fcGxfNCWoainwBI=,tag:S3ecM4DbDl8jqXLRKipZmQ==,type:str]
+#ENC[AES256_GCM,data:yU9cr6MXjS4m69BeIUjUw477wt4c1djYof3Qlfr4Dytv8hWqCuqThDwQTMY5jfHdv5ipS0aEjf7GWu2M2t9W88fYdxnTN2m8IfYZp76YcjxO4fup5BXiLGIjnm+qI0g=,iv:nPo8FyGiyLRQozE4kZ6Rei6CObvbVynOs3jdMvdkpZw=,tag:+4esxPiewSsjwao6ZhAMxA==,type:comment]
+nix_serve_privkey: ENC[AES256_GCM,data:/Ph9J00cV7PcfpJw/NWcBpkQR+a0SQyHv1jmF4CkH+Uj8l+cRcXWynAc2APenMSfHdighXMqjsXuwRbGo0S57YuMXQjFbI8jhbXEhhAWlmET1q7uRaaZRSgq34qABw==,iv:LLYgLauPsD+3mx1GTjEUkiXgdWsnqixCJl4UfSdS5Ac=,tag:S7V6GKezS/JsbZVfq9DjjA==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -32,8 +34,8 @@ sops:
             Si9kT0ZMUnJJWlhUZ3FFakZFaDlPdEEKXtWfh6wdGPin1h/UUs21cdspddpW1YDq
             rCKS2DI2KWdgciih9FnmWGAwGUhB3uhimUr6hgho4z+dZfLrpoP1PA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2022-06-10T08:41:13Z"
-    mac: ENC[AES256_GCM,data:51N4a+P+eXVAdPFAI3h4TFKsR6IOGBnyusW4k7ZrMOleH1l4C3khYaUmCoE1nnLlmD2q+kmtdGdU6FWyB7BYiSytjqvQa0WumEhf5PpOtj5k+55c1sljvtK58BxQd7N5Th+R4VmlqZ7LXviwzIb8OkoiCf0yC+jxZRi/2MQiKC4=,iv:Jjrrnp7isbmEP9vAYZ+lVRit2RNbrq2unXzuZD8C/2Q=,tag:HvKUFKdhE3O75o8hX+hIsA==,type:str]
+    lastmodified: "2022-09-14T21:34:55Z"
+    mac: ENC[AES256_GCM,data:Zex69KG2a2Rxyodyci40azr9qGbA5XwH4Qhip0BDbrJymHjZzqCeRDKjdHjAWXPdPyglvUY0kADfm7xxlE1zU84oOahI9FldADtQrGUWS0elU+a3F93LVNGlhlKc+g8JGzUyBvPr6Toi52L2hI18K5bmWFPesczWedL07r85s9M=,iv:W+SMAX0HY5GbAqqgXWbSxm4wbzXZt5PEsLhwWcxkRWY=,tag:VPnw2X+6i0EyiFB3rkon8Q==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.3