diff --git a/modules/wg-clerie/default.nix b/modules/wg-clerie/default.nix
index 3a6b69e..aa690ad 100644
--- a/modules/wg-clerie/default.nix
+++ b/modules/wg-clerie/default.nix
@@ -65,7 +65,9 @@ in
     networking.wireguard.enable = true;
     networking.wireguard.interfaces = {
       wg-clerie = {
-        privateKeyFile = if cfg.privateKeyFile == null then config.age.secrets.wg-clerie.path else cfg.privateKeyFile;
+        privateKeyFile = if cfg.privateKeyFile != null then cfg.privateKeyFile else
+          if builtins.elem "wg-clerie" (attrNames config.sops.secrets) then config.sops.secrets.wg-clerie.path else
+            config.age.secrets.wg-clerie.path;
         ips = cfg.ipv6s ++ cfg.ipv4s;
         table = "wg-clerie";
         peers = [