diff --git a/modules/nixos/hardware/default.nix b/modules/nixos/hardware/default.nix
index 21942b7..c180b99 100644
--- a/modules/nixos/hardware/default.nix
+++ b/modules/nixos/hardware/default.nix
@@ -22,7 +22,7 @@ in
     sane = {
       enable = true;
       brscan5.enable = false;
-      extraBackends = [ pkgs.brscan5 ];
+      extraBackends = if (!isArm) then [ pkgs.brscan5 ] else [ ];
     };
 
     flipperzero.enable = true;
diff --git a/systems/aarch64-linux/pi5/default.nix b/systems/aarch64-linux/pi5/default.nix
index a70863d..f8dfb19 100644
--- a/systems/aarch64-linux/pi5/default.nix
+++ b/systems/aarch64-linux/pi5/default.nix
@@ -27,7 +27,7 @@
     desktop.hyprland.enable = false;
     user = {
       name = "matt";
-      passwordFile = config.sops.secrets."pi5/matt-password".path;
+      # passwordFile = config.sops.secrets."pi5/matt-password".path;
       mutableUsers = false;
       extraGroups = [ "docker" ];
       sshKeys = [
diff --git a/systems/aarch64-linux/pi5/sops.nix b/systems/aarch64-linux/pi5/sops.nix
index b411d49..0c3b58a 100755
--- a/systems/aarch64-linux/pi5/sops.nix
+++ b/systems/aarch64-linux/pi5/sops.nix
@@ -2,41 +2,24 @@
 let
   user = "matt";
   defaultSops = (lib.snowfall.fs.get-file "secrets/pi5-secrets.yaml");
-  sharedSops = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
 in
 {
   sops = {
-    defaultSopsFile = lib.mkForce defaultSops;
-    # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
-    age.keyFile = "/home/matt/.config/sops/age/keys.txt";
-
     # ------------------------------
     # Secrets
     # ------------------------------
     secrets = {
-      "wifi" = {
-        sopsFile = sharedSops;
-      };
-      "pi5/matt-password" = {
-        neededForUsers = true;
-        mode = "0600";
-        owner = config.users.users."${user}".name;
-        group = config.users.users."${user}".group;
-      };
-
       # ------------------------------
       # SSH keys
       # ------------------------------
 
       "ssh-keys-public/pi5" = {
-        sopsFile = sharedSops;
         mode = "0644";
         owner = config.users.users."${user}".name;
         group = config.users.users."${user}".group;
         restartUnits = [ "sshd.service" ];
       };
       "ssh-keys-private/pi5" = {
-        sopsFile = sharedSops;
         mode = "0600";
         owner = config.users.users."${user}".name;
         group = config.users.users."${user}".group;
@@ -44,14 +27,14 @@ in
       };
 
       "pi5/sys-public-key" = {
-        neededForUsers = true;
+        sopsFile = defaultSops;
         mode = "0600";
         owner = config.users.users.root.name;
         group = config.users.users.root.group;
         restartUnits = [ "sshd.service" ];
       };
       "pi5/sys-priv-key" = {
-        neededForUsers = true;
+        sopsFile = defaultSops;
         mode = "0600";
         owner = config.users.users.root.name;
         group = config.users.users.root.group;