diff --git a/home-manager/default.nix b/home-manager/default.nix
index 6a5da41..ccdcbff 100644
--- a/home-manager/default.nix
+++ b/home-manager/default.nix
@@ -12,7 +12,7 @@
     ./gnome.nix
     ./syncthing.nix
     ./vscode.nix
-    inputs.sops-nix.homeManagerModules.sops
+    ./sops.nix
     inputs.nix-index-database.hmModules.nix-index
   ];
 
@@ -245,13 +245,4 @@
       };
     };
   };
-
-  sops = {
-    age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt";
-    defaultSopsFile = "${self}/secrets/pim.yaml";
-
-    secrets = {
-      "keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini";
-    };
-  };
 }
diff --git a/home-manager/sops.nix b/home-manager/sops.nix
new file mode 100644
index 0000000..88c2112
--- /dev/null
+++ b/home-manager/sops.nix
@@ -0,0 +1,23 @@
+{
+  self,
+  config,
+  inputs,
+  lib,
+  ...
+}: let
+  cfg = config.pim.sops;
+in {
+  imports = [inputs.sops-nix.homeManagerModules.sops];
+  options.pim.sops.enable = lib.mkEnableOption "sops";
+
+  config = lib.mkIf cfg.enable {
+    sops = {
+      age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt";
+      defaultSopsFile = "${self}/secrets/pim.yaml";
+
+      secrets = {
+        "keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini";
+      };
+    };
+  };
+}
diff --git a/machines/sue/home.nix b/machines/sue/home.nix
index 935edd7..1608b6e 100644
--- a/machines/sue/home.nix
+++ b/machines/sue/home.nix
@@ -7,6 +7,7 @@
       syncthing.enable = true;
       neovim.enable = true;
       firefox.enable = true;
+      sops.enable = true;
     };
 
     home.packages =
diff --git a/nixos/sops.nix b/nixos/sops.nix
index 70e206f..c156b19 100644
--- a/nixos/sops.nix
+++ b/nixos/sops.nix
@@ -12,7 +12,7 @@ in {
   options.pim.sops.enable = lib.mkEnableOption "sops";
 
   config = lib.mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [sops];
+    environment.systemPackages = [pkgs.sops];
 
     sops = {
       age.keyFile = "/home/pim/.config/sops/age/keys.txt";