diff --git a/hosts/chmura/anki-sync-server.nix b/hosts/chmura/anki-sync-server.nix
new file mode 100644
index 0000000..4687da6
--- /dev/null
+++ b/hosts/chmura/anki-sync-server.nix
@@ -0,0 +1,30 @@
+{
+    config,
+    pkgs,
+    ...
+}: {
+    age.secrets.anki-user-credentials.file = ../../secrets/anki-user-credentials.age;
+
+    systemd.services.anki-sync-server = {
+        description = "Selfhosted Anki sync server.";
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+
+        serviceConfig = {
+            Type = "simple";
+            DynamicUser = true;
+            StateDirectory = "anki-sync-server";
+            ExecStart = "${pkgs.anki-bin}/bin/anki --syncserver";
+            Environment = ''SYNC_BASE="/var/lib/anki-sync-server" SYNC_HOST="127.0.0.1" SYNC_PORT="27701"'';
+            EnvironmentFile = config.age.secrets.anki-user-credentials.path;
+            Restart = "always";
+        };
+    };
+
+    services.caddy = {
+        enable = true;
+        virtualHosts."a.jacekpoz.pl".extraConfig = ''
+            reverse_proxy * localhost:27701
+        '';
+    };
+}
diff --git a/hosts/chmura/ankisyncd.nix b/hosts/chmura/ankisyncd.nix
deleted file mode 100644
index 8f7b7ee..0000000
--- a/hosts/chmura/ankisyncd.nix
+++ /dev/null
@@ -1,37 +0,0 @@
-{
-    config,
-    config',
-    ...
-}: {
-    services.ankisyncd = {
-        enable = true;
-        port = 27701;
-    };
-
-    services.caddy = {
-        enable = true;
-        virtualHosts."a.jacekpoz.pl".extraConfig = ''
-            reverse_proxy * localhost:27701
-        '';
-    };
-
-    age.secrets = {
-        ankisyncd-username = {
-            file = ../../secrets/ankisyncd-username.age;
-            mode = "700";
-            owner = config'.username;
-            group = "users";
-        };
-        ankisyncd-password = {
-            file = ../../secrets/ankisyncd-password.age;
-            mode = "700";
-            owner = config'.username;
-            group = "users";
-        };
-    };
-
-    systemd.services.ankisyncd.environment = {
-        ANKISYNCD_USERNAME = "$(cat ${config.age.secrets.ankisyncd-username.path})";
-        ANKISYNCD_PASSWORD = "$(cat ${config.age.secrets.ankisyncd-password.path})";
-    };
-}
diff --git a/hosts/chmura/default.nix b/hosts/chmura/default.nix
index 578247a..a333634 100644
--- a/hosts/chmura/default.nix
+++ b/hosts/chmura/default.nix
@@ -1,6 +1,6 @@
 _: {
     imports = [
-        ./ankisyncd.nix
+        ./anki-sync-server.nix
         ./conduit.nix
         ./configuration.nix
         #./freshrss.nix
diff --git a/secrets/anki-user-credentials.age b/secrets/anki-user-credentials.age
new file mode 100644
index 0000000..21742bc
--- /dev/null
+++ b/secrets/anki-user-credentials.age
@@ -0,0 +1,13 @@
+age-encryption.org/v1
+-> ssh-ed25519 05IAmg Xj4hau+EYfzst4g4kNce86xDPJvQqwMQIkzJq4r8Ens
+dqZ5S6iCoLeF4OtwTIVFJlirl7kTUaG6TbX17RBWDUM
+-> ssh-ed25519 HC8P8A L4ulkghg5JIZ+alzYzdPcYN38DMzqbj9BIzqNP3/dAg
+AhgHs9tQGFc3xepWXIlR6wgmeQFMkpIH8Utxk9czAiM
+-> ssh-ed25519 sItgaw mhBqgC7VnEBjZQr1WkiTsAZp6kWHfmRhb3nKGwm+zFA
+BTDfbP1Z7899ziQl749Dn/5wJ98GhGv6iDb4SjDpM58
+-> ssh-ed25519 YQNd1g DGNkUnzLfCIiF5RJKqBBH1jQFyZDxLX/LjnfdQvi0iQ
+pZxtQ1NK4gsHSkJgc0JuypcPoaLDjzvhbSYMloEZv4U
+-> VE&"q$-grease
++ey9pz34m00mrTcNeXPvXsr85G0gOYV9Da+9OwwSU7s6Cg
+--- EFfOx1pWk2ZYQVfPCqu42s13RPzeFLlxh+5SDqefsdo
+^Q9@Îõó®pöö)p®­·ø¾;÷è‡S…sYqwõT¯þW¿w—j"A…Æ±&žX ^æ½\;çSúûPÿÁ¼Ý÷V©úÍì¬ÿ£Œ
\ No newline at end of file
diff --git a/secrets/ankisyncd-password.age b/secrets/ankisyncd-password.age
deleted file mode 100644
index 266f7c0..0000000
--- a/secrets/ankisyncd-password.age
+++ /dev/null
@@ -1,13 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 05IAmg 1ZYcZpCbYtP1ck85Zk2AZ+zZv1Ux1zQWnVdAETv1nCw
-KOVtQNfLWaPT6GBzRBibjlEb23MTOS/bNcm8QljGYQk
--> ssh-ed25519 HC8P8A vj+204x0X0+CVj1p+i/vA3EFRKnB58hUVUFdcKMfmSQ
-+1+0+CXjq6/k+ho2QBfgocqY4VjcLpqmcI3krmqsIyo
--> ssh-ed25519 sItgaw UiCiBpKPPy9JkWcrDJjVRYYZLmFpAlxlZPrG9ODnnEM
-7H0w0J7iB1j4wqUcSHoZfTwsvRC+/V3I1CAqwKigVdo
--> ssh-ed25519 YQNd1g RP8JIdng7SFRJLHPHC3Q2dW76URlbGQ2lTl5PEYGhDc
-UdUv8PS26CDvoBmBkKBLyjvg0neMiGkjivgSZEjD4po
--> 5M-grease #s2dp/| $ c^&FswLA
-+9lvheu17GWcrBwurwFWB8YnnOO/9FmRILTrhPvCEOmZ6iXUHay6jbK+
---- un4Yu4uYu7zqdZdmhGSPKvDHuxzYHZ9PemZC/Iyl2R0
-ß“VÔõ:tŽø"bpÙ˜Å3ÒƒazÅsV‘_yí ÊÿÐ,;›Á^›4‰Ÿ·ÛATGÁ/ÑnØÄ”Ç;NØ¾}'
\ No newline at end of file
diff --git a/secrets/ankisyncd-username.age b/secrets/ankisyncd-username.age
deleted file mode 100644
index e701a90..0000000
--- a/secrets/ankisyncd-username.age
+++ /dev/null
@@ -1,14 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 05IAmg hOwljrTCYZwaQsKuohprSVuqmJ5zfbT9/RdwWW3An1E
-QwTNvnAr7Kq802dOAkx7y8G+YlR2wtlT17agalRD9AE
--> ssh-ed25519 HC8P8A xvzaQzCjMoIBViMf3NMoydEBVRTFMOoU4oOsAmwCehM
-IA2vtbC+wjOIcm91sQM/0V+6gkzhESNyr0AbrJPg/+8
--> ssh-ed25519 sItgaw ViO7yNhkZ9i6xnJZmtvgrFfxlzPyP6B/GbsDrS7c1lo
-S7ZXnueUuI6S5CZrmdv4MxedXQ8KUUnDkIS3ujjkdjE
--> ssh-ed25519 YQNd1g QOgINcUppPriV4lZ6jzwlUwwtcw7Jg05eN2inF/LmFQ
-T/7kzBQofEuVx+8CvxS+TR954CNtNEu6IQmvTAPVKH0
--> syQ$va-grease ;~M&{8%< b1jw;$h Om._<}k
-o3RjXfALP1KKhRKrkoX/jnSPRIZrC6TSE4LG+dpUdC9wJvOEkpXEZenwpPyzI3LB
-NmY1Sw+gqQwNQiv62g6MyUTuxxKTvABiZFQfBdfFW3KjBLZIi30LtWU
---- Y+q3InJWdcn3ojcmjVJTCDt7Cr9ntDygVQIeY6hP/kk
-U1ÐÁ·ÁüÄ`.Ù:3¿šæ¦˜tyáž	¨Ý¾tL`…"l§NÅûC
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 4ae9b71..a116035 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -8,6 +8,5 @@ let
     niks = [ niks_user niks_host ];
     chmura = [ chmura_user chmura_host ];
 in {
-    "ankisyncd-username.age".publicKeys = niks ++ chmura;
-    "ankisyncd-password.age".publicKeys = niks ++ chmura;
+    "anki-user-credentials.age".publicKeys = niks ++ chmura;
 }