diff --git a/nixos/secrets.nix b/nixos/secrets.nix
index 31238340..75885772 100644
--- a/nixos/secrets.nix
+++ b/nixos/secrets.nix
@@ -23,8 +23,9 @@
         RestartSec = 5;
         Restart = "onfailure";
         ExecStart =
-          let path = config.age.secrets.gpg-keys.path;
-              passphrasePath = config.age.secrets.gpg-passphrase.path;
+          let replace = builtins.replaceStrings [ "$XDG_RUNTIME_DIR" ] [ "\${XDG_RUNTIME_DIR}" ];
+              path = replace config.age.secrets.gpg-keys.path;
+              passphrasePath = replace config.age.secrets.gpg-passphrase.path;
           in "${pkgs.gnupg}/bin/gpg --pinentry-mode loopback --passphrase-file ${passphrasePath} --import ${path}";
       };
     };