diff --git a/modules/web01/gitea/actions-runner.nix b/modules/web01/gitea/actions-runner.nix
index 550be49..a599b1b 100644
--- a/modules/web01/gitea/actions-runner.nix
+++ b/modules/web01/gitea/actions-runner.nix
@@ -13,9 +13,7 @@
       token=$(${lib.getExe self.packages.${pkgs.hostPlatform.system}.gitea} actions generate-runner-token)
       echo "TOKEN=$token" > /var/lib/gitea-actions-runner/token
     '';
-    unitConfig.ConditionPathExists = [
-      "!/var/lib/gitea-actions-runner/token"
-    ];
+    unitConfig.ConditionPathExists = [ "!/var/lib/gitea-actions-runner/token" ];
     serviceConfig = {
       User = "gitea";
       Group = "gitea";
@@ -29,7 +27,6 @@
     after = [ "gitea-runner-nix-token.service" ];
     requires = [ "gitea-runner-nix-token.service" ];
 
-
     # TODO: systemd confinment
     serviceConfig = {
       # Hardening (may overlap with DynamicUser=)
diff --git a/targets/web01/secrets.yaml b/targets/web01/secrets.yaml
index dfc5011..77b86a0 100644
--- a/targets/web01/secrets.yaml
+++ b/targets/web01/secrets.yaml
@@ -52,8 +52,8 @@ sops:
             TGk4dUlwcE9XWWIzZE1nQXdXcWY0V0kKJi5yXdrsEOP4Z8K6k/sPA7yadNPKQtzo
             Iyt//Y+Y7n55KwuO8Doogu42SiVTUhHDICM9lezQmcugFqCoh3Lk4A==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-07-19T17:46:20Z"
-    mac: ENC[AES256_GCM,data:TP13I8Ssg+OwgMrRb1SKzxD6RJRipr/rkZwjY3TMVmJDp0GDipXzWFXZmiIpe2t76BxeRLTfgc9fmEflxhlcV+SVxLYZzXax6OT6rniDkAshlIdYR0H0LsgE9gfAYHGnvQW6dM1S8z+NFifvBeJM76FugM9IXjcVSYq7iaDY5fU=,iv:CktTCdtfpOfprMuOVfmfCO/2MAlV46DHEHSM8C0gfpA=,tag:V2EjkVXoRgtX81KbLXZCcA==,type:str]
+    lastmodified: "2023-07-19T12:39:56Z"
+    mac: ENC[AES256_GCM,data:baVe7FXbyJ7qAiTFtSB6YO/cNZTaHskRiut7XjmvqIltLGvMAkmOKYYzjPgSZ+RHz2az/MAF+05npP0Poy/jgR3qQ8s+Z3ml6u+Ze53bZFBofnNf8oxKp5uZ7RjDnPKwh3Uz3x4hTW2QbC2s1ik+LdxMpwuU641y0N32UkODU44=,iv:oYtjQUjL7pkxE7gpdDv9SGpJAl1UellVXztvKG5mH+U=,tag:U7bL1zr2y74LSDXQzmqRtw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.3