diff --git a/modules/sops/default.nix b/modules/sops/default.nix
index d7cda1f..23f1e03 100644
--- a/modules/sops/default.nix
+++ b/modules/sops/default.nix
@@ -484,6 +484,12 @@ in
               ExecStart = [ "${cfg.package}/bin/sops-install-secrets ${manifest}" ];
               RemainAfterExit = true;
             };
+            unitConfig.RequiresMountsFor = lib.concatLists [
+              (lib.lists.optional (cfg.gnupg.home != null) cfg.gnupg.home)
+              cfg.gnupg.sshKeyPaths
+              (lib.lists.optional (cfg.age.keyFile != null) cfg.age.keyFile)
+              cfg.age.sshKeyPaths
+            ];
           };
 
       system.activationScripts = {
diff --git a/modules/sops/secrets-for-users/default.nix b/modules/sops/secrets-for-users/default.nix
index 841eb13..bec3a28 100644
--- a/modules/sops/secrets-for-users/default.nix
+++ b/modules/sops/secrets-for-users/default.nix
@@ -44,6 +44,12 @@ in
           ExecStart = [ "${cfg.package}/bin/sops-install-secrets -ignore-passwd ${manifestForUsers}" ];
           RemainAfterExit = true;
         };
+        unitConfig.RequiresMountsFor = lib.concatLists [
+          (lib.lists.optional (cfg.gnupg.home != null) cfg.gnupg.home)
+          cfg.gnupg.sshKeyPaths
+          (lib.lists.optional (cfg.age.keyFile != null) cfg.age.keyFile)
+          cfg.age.sshKeyPaths
+        ];
       };
 
   system.activationScripts = lib.mkIf (secretsForUsers != { } && !useSystemdActivation) {