diff --git a/nixosModules/services/tailscale/default.nix b/nixosModules/services/tailscale/default.nix
index 499eaa6c..ad927417 100644
--- a/nixosModules/services/tailscale/default.nix
+++ b/nixosModules/services/tailscale/default.nix
@@ -9,9 +9,11 @@
   };
 
   config = lib.mkIf config.alyraffauf.services.tailscale.enable {
+    age.secrets.tailscaleAuthKey.file = ../../../secrets/tailscale/authKeyFile.age;
     services.tailscale = {
       enable = true;
       openFirewall = true;
+      authKeyFile = config.age.secrets.tailscaleAuthKey.path;
     };
   };
 }
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index d87d197b..1fe9b9ae 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -15,6 +15,7 @@ let
 in {
   "spotify/clientId.age".publicKeys = users ++ systems;
   "spotify/clientSecret.age".publicKeys = users ++ systems;
+  "tailscale/authKeyFile.age".publicKeys = users ++ systems;
   "wifi/Stargate-Discovery.age".publicKeys = users ++ systems;
   "wifi/wattson.age".publicKeys = users ++ systems;
 }
diff --git a/secrets/tailscale/authKeyFile.age b/secrets/tailscale/authKeyFile.age
new file mode 100644
index 00000000..9ca0e937
Binary files /dev/null and b/secrets/tailscale/authKeyFile.age differ