diff --git a/outputs.nix b/outputs.nix
index 23ce213..6b6ba32 100644
--- a/outputs.nix
+++ b/outputs.nix
@@ -23,12 +23,6 @@ in {
       inherit (nix.packages."${pkgs.system}") nix;
       inherit (nixpkgsUnstable.legacyPackages."${pkgs.system}") alejandra;
     };
-  nixosConfigurations = nixpkgs.lib.nixosSystem {
-    system = "${pkgs.system}";
-    modules = [
-      ragenix.nixosModules.default
-    ];
-  };
 }))
 // {
   colmena = {
@@ -40,7 +34,12 @@ in {
         overlays = [];
       };
     };
-    toscano = import ./nixos/hosts/toscano/configuration.nix;
+    toscano = {
+      imports = [
+        ./nixos/hosts/toscano/configuration.nix
+        ragenix.nixosModules.default
+      ];
+    };
     # The below lines are in the wrong place
     #nixosConfigurations = import ./nixos/configurations.nix (inputs
     #  // {
diff --git a/profiles/users.nix b/profiles/users.nix
index f9b6cb3..6699a24 100644
--- a/profiles/users.nix
+++ b/profiles/users.nix
@@ -4,6 +4,11 @@
   pkgs,
   ...
 }: {
+  age.secrets = {
+    root.file = ../secrets/root.age;
+    fiscalvelvetpoet.file = ../secrets/fiscalvelvetpoet.age;
+  };
+
   # JFDIC Ops groups:
   users.groups.fiscalvelvetpoet.gid = 1000;
 
@@ -14,7 +19,7 @@
     group = "fiscalvelvetpoet";
     extraGroups = ["wheel"];
     # fix this
-    #passwordFile = config.age.secrets.fiscalvelvetpoet.path;
+    passwordFile = config.age.secrets.fiscalvelvetpoet.path;
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDMAhG6+40YiYy9wqruHK9M2fLwYAqikJSJ/pRjR/so fiscalvelvetpoet@jfdic.org"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7qAXTCAnqq+3ks4L8/2f4J8RxmrFaMOCA7m9ImbW2m fiscalvelvetpoet@sealgair"
@@ -23,7 +28,7 @@
 
   users.users.root = {
     # fix this
-    #passwordFile = config.age.secrets.root.path;
+    passwordFile = config.age.secrets.root.path;
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDMAhG6+40YiYy9wqruHK9M2fLwYAqikJSJ/pRjR/so fiscalvelvetpoet@jfdic.org"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7qAXTCAnqq+3ks4L8/2f4J8RxmrFaMOCA7m9ImbW2m fiscalvelvetpoet@sealgair"
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 4770ebb..26b29a2 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,3 +1,5 @@
+# Used by ragenix nix only.
+# Ensure that $RULES has been set
 let
   fiscalvelvetpoet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDMAhG6+40YiYy9wqruHK9M2fLwYAqikJSJ/pRjR/so";
   ops = [fiscalvelvetpoet];