diff --git a/roles/desktop/services/syncthing.nix b/roles/desktop/services/syncthing.nix
index 728dd0e..c650ba9 100644
--- a/roles/desktop/services/syncthing.nix
+++ b/roles/desktop/services/syncthing.nix
@@ -8,4 +8,18 @@
 		dataDir = config.users.users.toast.home;
 		folders."passwords".path = "~/Documents/Passwords";
 	};
+	# Allow regular users to stop syncthing
+	# https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
+	security.polkit.extraConfig = ''
+		polkit.addRule(function(action, subject) {
+			if (
+				action.id == "org.freedesktop.systemd1.manage-units" &&
+				action.lookup("unit") == "syncthing.service" &&
+				subject.user == "${config.services.syncthing.user}"
+			)
+			{
+				return polkit.Result.YES;
+			}
+		})
+	'';
 }