diff --git a/flake.lock b/flake.lock index 833ae51..01a379e 100644 --- a/flake.lock +++ b/flake.lock @@ -182,11 +182,11 @@ ] }, "locked": { - "lastModified": 1732303962, - "narHash": "sha256-5Umjb5AdtxV5jSJd5jxoCckh5mlg+FBQDsyAilu637g=", + "lastModified": 1731235328, + "narHash": "sha256-NjavpgE9/bMe/ABvZpyHIUeYF1mqR5lhaep3wB79ucs=", "owner": "nix-community", "repo": "home-manager", - "rev": "8cf9cb2ee78aa129e5b8220135a511a2be254c0c", + "rev": "60bb110917844d354f3c18e05450606a435d2d10", "type": "github" }, "original": { diff --git a/roles/common/configuration.nix b/roles/common/configuration.nix index af07bef..3f1e6bf 100755 --- a/roles/common/configuration.nix +++ b/roles/common/configuration.nix @@ -143,7 +143,6 @@ publicShare = null; # Disable the public folder }; }; - systemd.user.startServices = true; }; }; diff --git a/roles/desktop/services/syncthing.nix b/roles/desktop/services/syncthing.nix index f3b0713..ba2ca9f 100644 --- a/roles/desktop/services/syncthing.nix +++ b/roles/desktop/services/syncthing.nix 
@@ -1,54 +1,23 @@
 {config, ...}: {
 services.syncthing = {
- # enable = true;
- # user = "toast";
- # group = "users";
- # dataDir = config.users.users.toast.home;
+ enable = true;
+ user = "toast";
+ group = "users";
+ dataDir = config.users.users.toast.home;
 settings.folders."passwords".path = "~/Documents/Passwords";
 };
- age.secrets = {
- syncthingCert = {
- owner = "toast";
- group = "users";
- };
- syncthingKey = {
- owner = "toast";
- group = "users";
- };
- };
- home-manager.users.toast = {
- osConfig,
- lib,
- ...
- }: let
- systemConfig = osConfig.services.syncthing;
- missingOptions = [
- "all_proxy"
- "configDir"
- "dataDir"
- "databaseDir"
- "declarative"
- "devices"
- "folders"
- "extraFlags"
- "user"
- "group"
- "systemService"
- "openDefaultPorts"
- "options"
- "relay"
- "useInotify"
- ];
- removeMissingOptions = rawOptions: (
- # lib.attrsets.filterAttrs (n: v: n == "all_proxy") rawOptions
- builtins.removeAttrs rawOptions missingOptions
- );
- in {
- services.syncthing = removeMissingOptions systemConfig // {
- enable = true;
- # Renamed options
- allProxy = systemConfig.all_proxy;
- extraOptions = systemConfig.extraFlags;
- };
- };
+ # Allow regular users to stop syncthing
+ # https://stackoverflow.com/questions/61480914/using-policykit-to-allow-non-root-users-to-start-and-stop-a-service
+ security.polkit.extraConfig = ''
+ polkit.addRule(function(action, subject) {
+ if (
+ action.id == "org.freedesktop.systemd1.manage-units" &&
+ action.lookup("unit") == "syncthing.service" &&
+ subject.user == "${config.services.syncthing.user}"
+ )
+ {
+ return polkit.Result.YES;
+ }
+ })
+ '';
 }
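Review bot: The polkit rule added in `security.polkit.extraConfig` checks only `action.id` and the `unit` detail, so it authorises every `manage-units` verb on `syncthing.service` for that user, while the comment above it says the intent is to let users stop the service. If stop is all that is needed, add `action.lookup("verb") == "stop" &&` to the condition (systemd passes the verb as a detail alongside `unit`), or reword the comment to name the verbs that are actually meant to be allowed. The rule also returns `polkit.Result.YES` to any process running as that account, whether or not it belongs to an interactive desktop session; because this service syncs the `passwords` folder, consider also requiring `subject.local && subject.active` if only a logged-in desktop session should control it. The comment says "regular users" but the condition matches the single account in `config.services.syncthing.user`, so `# Allow the syncthing user to stop syncthing.service without authentication` would describe it more accurately.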