diff --git a/README.org b/README.org
index cf3fce8..13579ad 100644
--- a/README.org
+++ b/README.org
@@ -2,7 +2,7 @@
 ** [[file:docs/install.org][Installing]]
 ** Rebuilding
 #+BEGIN_SRC bash
-sudo nixos-rebuild switch --impure --flake '.#reykjavik'
+sudo nixos-rebuild switch --impure --flake ".#${HOST}"
 #+END_SRC
 ** Modules
 *** Desktop environment
diff --git a/hosts/reykjavik/secrets.nix b/hosts/reykjavik/secrets.nix
new file mode 100644
index 0000000..ada828e
--- /dev/null
+++ b/hosts/reykjavik/secrets.nix
@@ -0,0 +1,30 @@
+{ ... }:
+
+{
+  age.secrets = {
+    # Consul -------------------------------
+    "consul.d/gossip.json" = {
+      file = ../secrets/consul.d/gossip.json.age;
+      owner = "consul";
+      group = "consul";
+      mode = "644";
+    };
+    "consul.d/consul-agent-ca.pem" = {
+      file = ../secrets/consul.d/consul-agent-ca.pem.age;
+      owner = "consul";
+      group = "consul";
+      mode = "644";
+    };
+    "consul.d/agent-token-reykjavik.json" = {
+      file = ../secrets/consul.d/agent-token-reykjavik.json.age;
+      owner = "consul";
+      group = "consul";
+      mode = "644";
+    };
+    # Nomad -------------------------------
+    "nomad.d/consul-token.json" = {
+      file = ../secrets/nomad.d/consul-token.json.age;
+      mode = "644";
+    };
+  };
+}
diff --git a/hosts/thingvellir/secrets.nix b/hosts/thingvellir/secrets.nix
new file mode 100644
index 0000000..de41143
--- /dev/null
+++ b/hosts/thingvellir/secrets.nix
@@ -0,0 +1,30 @@
+{ ... }:
+
+{
+  age.secrets = {
+    # Consul -------------------------------
+    "consul.d/gossip.json" = {
+      file = ../secrets/consul.d/gossip.json.age;
+      owner = "consul";
+      group = "consul";
+      mode = "644";
+    };
+    "consul.d/consul-agent-ca.pem" = {
+      file = ../secrets/consul.d/consul-agent-ca.pem.age;
+      owner = "consul";
+      group = "consul";
+      mode = "644";
+    };
+    "consul.d/agent-token-thingvellir.json" = {
+      file = ../secrets/consul.d/agent-token-thingvellir.json.age;
+      owner = "consul";
+      group = "consul";
+      mode = "644";
+    };
+    # Nomad -------------------------------
+    "nomad.d/consul-token.json" = {
+      file = ../secrets/nomad.d/consul-token.json.age;
+      mode = "644";
+    };
+  };
+}
diff --git a/modules/secrets.nix b/modules/secrets.nix
deleted file mode 100644
index 8ccfbd7..0000000
--- a/modules/secrets.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
-  consulCfg = config.samfelag.modules.server.consul;
-  nomadCfg = config.samfelag.modules.server.nomad;
-in
-{
-  config = {
-    age.secrets = {
-    } //
-    # Consul -------------------------------
-    lib.optionalAttrs consulCfg.enable {
-      "consul.d/gossip.json" = {
-        file = ../secrets/consul.d/gossip.json.age;
-        owner = "consul";
-        group = "consul";
-        mode = "644";
-      };
-      "consul.d/consul-agent-ca.pem" = {
-        file = ../secrets/consul.d/consul-agent-ca.pem.age;
-        owner = "consul";
-        group = "consul";
-        mode = "644";
-      };
-      "consul.d/agent-token-reykjavik.json" = {
-        file = ../secrets/consul.d/agent-token-reykjavik.json.age;
-        owner = "consul";
-        group = "consul";
-        mode = "644";
-      };
-      "consul.d/agent-token-thingvellir.json" = {
-        file = ../secrets/consul.d/agent-token-thingvellir.json.age;
-        owner = "consul";
-        group = "consul";
-        mode = "644";
-      };
-    } //
-    # Nomad -------------------------------
-    lib.optionalAttrs nomadCfg.enable {
-      "nomad.d/consul-token.json" = {
-        file = ../secrets/nomad.d/consul-token.json.age;
-        mode = "644";
-      };
-    };
-  };
-}