diff --git a/config/services/netbird.nix b/config/services/netbird.nix
index 144d884..6a7aba6 100644
--- a/config/services/netbird.nix
+++ b/config/services/netbird.nix
@@ -20,6 +20,11 @@
     owner = "turnserver";
   };
 
+  age.secrets.relaySecret = {
+    generator.script = "alnum";
+    owner = "turnserver";
+  };
+
   age.secrets.dataEnc = {
     generator.script =
       { pkgs, ... }:
@@ -42,6 +47,8 @@
         };
       };
 
+      relay.authSecretFile = config.age.secrets.relaySecret.path;
+
       coturn = {
         enable = true;
         passwordFile = config.age.secrets.coturnPassword.path;
diff --git a/hosts/elisabeth/secrets/netbird/generated/relaySecret.age b/hosts/elisabeth/secrets/netbird/generated/relaySecret.age
new file mode 100644
index 0000000..0d2b795
Binary files /dev/null and b/hosts/elisabeth/secrets/netbird/generated/relaySecret.age differ
diff --git a/patches/PR/354032.diff b/patches/PR/354032.diff
index fdebc37..e0c7cf5 100644
--- a/patches/PR/354032.diff
+++ b/patches/PR/354032.diff
@@ -334,7 +334,7 @@ index 0000000000000..998ddbad212cf
 +}
 diff --git a/nixos/modules/services/networking/netbird/relay.nix b/nixos/modules/services/networking/netbird/relay.nix
 new file mode 100644
-index 0000000000000..45650d15358a0
+index 0000000000000..38af7fb1b2865
 --- /dev/null
 +++ b/nixos/modules/services/networking/netbird/relay.nix
 @@ -0,0 +1,124 @@
@@ -403,7 +403,7 @@ index 0000000000000..45650d15358a0
 +        An attribute set that will be set as the environment for the process.
 +        Used for runtime configuration.
 +        The exact values sadly aren't documented anywhere.
-+        A starting point when searching for valid values is this [source file](https://github.com/netbirdio/netbird/blob/v${cfg.packag.version}/relay/cmd/root.go)
++        A starting point when searching for valid values is this [source file](https://github.com/netbirdio/netbird/blob/main/relay/cmd/root.go)
 +      '';
 +    };
 +