diff --git a/modules/programs/keepassxc.nix b/modules/programs/keepassxc.nix
index 6bff531..4dda211 100644
--- a/modules/programs/keepassxc.nix
+++ b/modules/programs/keepassxc.nix
@@ -22,10 +22,10 @@
     cache_config = lib.mkOption {
       default = ''
         [General]
-        LastDatabases=/home/${config.conf.username}/Music/Passwords.kdbx
-        LastActiveDatabase=/home/${config.conf.username}/Music/Passwords.kdbx
-        LastOpenedDatabases=/home/${config.conf.username}/Music/Passwords.kdbx
-        LastKeyFiles=@Variant(\0\0\0\x1c\0\0\0\x1\0\0\0\x42\0/\0h\0o\0m\0\x65\0/\0\x64\0\x61\0s\0h\0i\0\x65\0/\0M\0u\0s\0i\0\x63\0/\0P\0\x61\0s\0s\0w\0o\0r\0\x64\0s\0.\0k\0\x64\0\x62\0x\0\0\0\n\0\0\0\x42\0/\0h\0o\0m\0\x65\0/\0\x64\0\x61\0s\0h\0i\0\x65\0/\0M\0u\0s\0i\0\x63\0/\0l\0o\0g\0i\0n\0_\0k\0\x65\0y\0.\0k\0\x65\0y\0x)
+        LastDatabases=/home/${config.conf.username}/pws/Passwords.kdbx
+        LastActiveDatabase=/home/${config.conf.username}/pws/Passwords.kdbx
+        LastOpenedDatabases=/home/${config.conf.username}/pws/Passwords.kdbx
+        LastKeyFiles=@Variant(\0\0\0\x1c\0\0\0\x1\0\0\0>\0/\0h\0o\0m\0\x65\0/\0\x64\0\x61\0s\0h\0i\0\x65\0/\0p\0w\0s\0/\0P\0\x61\0s\0s\0w\0o\0r\0\x64\0s\0.\0k\0\x64\0\x62\0x\0\0\0\n\0\0\0>\0/\0h\0o\0m\0\x65\0/\0\x64\0\x61\0s\0h\0i\0\x65\0/\0p\0w\0s\0/\0l\0o\0g\0i\0n\0_\0k\0\x65\0y\0.\0k\0\x65\0y\0x)
       '';
       example = "";
       type = lib.types.lines;
diff --git a/modules/programs/sops.nix b/modules/programs/sops.nix
index b4b9657..452a9a1 100644
--- a/modules/programs/sops.nix
+++ b/modules/programs/sops.nix
@@ -26,6 +26,23 @@
       type = with lib.types; attrsOf anything;
       description = "secrets for sops";
     };
+    sopsPath = lib.mkOption {
+      default = root + /secrets/secrets.yaml;
+      example = "/your/path";
+      type =
+        with lib.types;
+        oneOf [
+          string
+          path
+        ];
+      description = "sops secrets path";
+    };
+    validateSopsFile = lib.mkOption {
+      default = true;
+      example = false;
+      type = lib.types.bool;
+      description = "Whether to validate the sops file -> set this to false when using full paths";
+    };
   };
   config = lib.mkIf config.mods.sops.enable (
     lib.optionalAttrs (options ? home.packages) {
@@ -35,7 +52,8 @@
           home = "~/.gnupg";
           sshKeyPaths = [ ];
         };
-        defaultSopsFile = root + /secrets/secrets.yaml;
+        defaultSopsFile = config.mods.sops.sopsPath;
+        validateSopsFiles = config.mods.sops.validateSopsFile;
         secrets = config.mods.sops.secrets;
       };