diff --git a/gnu/services/sssd.scm b/gnu/services/sssd.scm
index c6b5e4b..56d422d 100644
--- a/gnu/services/sssd.scm
+++ b/gnu/services/sssd.scm
@@ -9,15 +9,6 @@
   #:use-module (gnu services configuration)
   #:export (sssd-configuration sssd-service-type))
 
-(define-configuration/no-serialization sssd-configuration
-                                       (sssd (file-like sssd)
-                                             "SSSD Package to use")
-                                       (pam-services (list-of-strings '())
-                                        "List of pam services to use sssd for")
-                                       (config (file-like
-                                                default-sssd-conf-file)
-                                               "sssd.conf file"))
-
 (define default-sssd-conf-file
   (plain-file "sssd.conf"
               (string-join (list "[sssd]"
@@ -39,6 +30,18 @@
                                            (or (getenv "LDAP_BINDPW") ""))
                             "") "\n")))
 
+(define-configuration/no-serialization sssd-configuration
+                                       (sssd (file-like sssd)
+                                             "SSSD Package to use")
+                                       (pam-services (list-of-strings (list "su" "gdm-password"
+                                                         "login" "sshd"
+                                                         "passwd"))
+                                        "List of pam services to use sssd for")
+                                       (config (file-like
+                                                default-sssd-conf-file)
+                                               "sssd.conf file"))
+
+
 (define (sssd-pam-service config)
   (define sssd-pam-module
     (file-append (sssd-configuration-sssd config) "/lib/security/pam_sss.so"))
diff --git a/metznet/system/base-system.scm b/metznet/system/base-system.scm
index 6bee65c..26397b4 100644
--- a/metznet/system/base-system.scm
+++ b/metznet/system/base-system.scm
@@ -243,9 +243,9 @@
 (define (metznet-etc-service configuration)
   `(("openvpn/ta.key" ,(metznet-system-configuration-vpn-ta-key configuration))
     ("openvpn/ca.crt" ,(metznet-system-configuration-vpn-ca configuration))
-    ("openvpn/client.key" ,(metznet-system-configuration-vpn-cert
+    ("openvpn/client.key" ,(metznet-system-configuration-vpn-key
                             configuration))
-    ("openvpn/client.crt" ,(metznet-system-configuration-vpn-key configuration))))
+    ("openvpn/client.crt" ,(metznet-system-configuration-vpn-cert configuration))))
 
 (define-public metznet-service-type
   (service-type (name 'metznet-service)
@@ -269,10 +269,7 @@
         (service pam-krb5-service-type
                  (pam-krb5-configuration (pam-krb5 pam-krb5)
                                          (minimum-uid 1000)))
-        (service sssd-service-type
-                 (sssd-configuration (pam-services (list "su" "gdm-password"
-                                                         "login" "sshd"
-                                                         "passwd"))))
+        (service sssd-service-type)
         (service metznet-service-type)))
 
 (define %metznet-nscd-configuration