diff --git a/provision/hosts/bulwark/configuration.nix b/provision/hosts/bulwark/configuration.nix
index fc86d154..c0df46a6 100644
--- a/provision/hosts/bulwark/configuration.nix
+++ b/provision/hosts/bulwark/configuration.nix
@@ -41,6 +41,7 @@
         certPath = ../../secrets/syncthing/bulwark/cert.pem.age;
         devices = {
           "kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
+          "torus" = { id = "ZVABUCA-3SA5QKR-OZSCIS5-RDAHR2V-D4R4NFK-ZBYOKDP-6HQUG2M-BNL3DAO"; };
         };
       };
     };
diff --git a/provision/hosts/kestrel/configuration.nix b/provision/hosts/kestrel/configuration.nix
index 9c78745f..1100d99f 100644
--- a/provision/hosts/kestrel/configuration.nix
+++ b/provision/hosts/kestrel/configuration.nix
@@ -63,6 +63,7 @@
         certPath = ../../secrets/syncthing/kestrel/cert.pem.age;
         devices = {
           "bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; };
+          "torus" = { id = "ZVABUCA-3SA5QKR-OZSCIS5-RDAHR2V-D4R4NFK-ZBYOKDP-6HQUG2M-BNL3DAO"; };
         };
       };
     };
diff --git a/provision/hosts/torus/configuration.nix b/provision/hosts/torus/configuration.nix
index f3422f2d..bdfe16cb 100644
--- a/provision/hosts/torus/configuration.nix
+++ b/provision/hosts/torus/configuration.nix
@@ -102,6 +102,15 @@
     };
     services = {
       ssh.enable = true;
+      syncthing = {
+        enable = true;
+        keyPath = ../../secrets/syncthing/torus/key.pem.age;
+        certPath = ../../secrets/syncthing/torus/cert.pem.age;
+        devices = {
+          "bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; };
+          "kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
+        };
+      };
     };
   };
 }
diff --git a/provision/secrets/secrets.nix b/provision/secrets/secrets.nix
index 02f7999e..c493811d 100644
--- a/provision/secrets/secrets.nix
+++ b/provision/secrets/secrets.nix
@@ -24,5 +24,7 @@ in
   "syncthing/kestrel/cert.pem.age".publicKeys = systems;
   "syncthing/bulwark/key.pem.age".publicKeys = systems;
   "syncthing/bulwark/cert.pem.age".publicKeys = systems;
+  "syncthing/torus/key.pem.age".publicKeys = systems;
+  "syncthing/torus/cert.pem.age".publicKeys = systems;
 }
 
diff --git a/provision/secrets/syncthing/torus/cert.pem.age b/provision/secrets/syncthing/torus/cert.pem.age
new file mode 100644
index 00000000..8e86bd05
Binary files /dev/null and b/provision/secrets/syncthing/torus/cert.pem.age differ
diff --git a/provision/secrets/syncthing/torus/key.pem.age b/provision/secrets/syncthing/torus/key.pem.age
new file mode 100644
index 00000000..4e644575
Binary files /dev/null and b/provision/secrets/syncthing/torus/key.pem.age differ