diff --git a/modules/retiolum/default.nix b/modules/retiolum/default.nix
index fbbeb9a..d852521 100644
--- a/modules/retiolum/default.nix
+++ b/modules/retiolum/default.nix
@@ -59,6 +59,8 @@ in {
         chown -R tinc.${netname} /etc/tinc/${netname}/hosts
         chmod -R u+w /etc/tinc/${netname}/hosts
       '';
+      # this triggers tinc restarts and it is pointless to restart tinc after the key has been created
+      restartIfChanged = false;
       serviceConfig = {
         Type = "oneshot";
         RemainAfterExit = true;
@@ -72,9 +74,6 @@ in {
       serviceConfig.ExecReload = "${config.services.tinc.networks.${netname}.package}/bin/tinc -n ${netname} reload";
     };
 
-    # this triggers tinc restarts and it is pointless to restart tinc after the key has been created
-    systemd.services."tinc.${netname}-host-keys".restartIfChanged = true;
-
     networking.firewall.allowedTCPPorts = [ 655 ];
     networking.firewall.allowedUDPPorts = [ 655 ];