diff --git a/hosts/fw.cloonar.com/modules/staticids.nix b/hosts/fw.cloonar.com/modules/staticids.nix
index ceb7cc4..4b669d6 100644
--- a/hosts/fw.cloonar.com/modules/staticids.nix
+++ b/hosts/fw.cloonar.com/modules/staticids.nix
@@ -1,8 +1,31 @@
+{ lib, ... }:
 {
-  uids = {
-    unbound = 10001;
+  
+  options.cids = {
+    uids = lib.mkOption {
+      readOnly = true;
+      description = lib.mdDoc ''
+        The user IDs used for containers.
+      '';
+      type = lib.types.attrsOf types.int;
+    };
+
+    gids = lib.mkOption {
+      readOnly = true;
+      description = lib.mdDoc ''
+        The group IDs used for containers.
+      '';
+      type = lib.types.attrsOf types.int;
+    };
   };
-  gids = {
-    unbound = 10001;
+  config = {
+    cids = {
+      uids = {
+        unbound = 10001;
+      };
+      gids = {
+        unbound = 10001;
+      };
+    };
   };
 }
diff --git a/hosts/fw.cloonar.com/modules/unbound.nix b/hosts/fw.cloonar.com/modules/unbound.nix
index ada2d09..0ee655e 100644
--- a/hosts/fw.cloonar.com/modules/unbound.nix
+++ b/hosts/fw.cloonar.com/modules/unbound.nix
@@ -1,6 +1,5 @@
 { config, ... }:
 let
-  cids = import [../modules/staticids.nix];
   domain = "ns.cloonar.com";
   cfg = {
     server = {
@@ -134,10 +133,10 @@ in {
   users.users.unbound = {
     group = "unbound";
     isSystemUser = true;
-    uid = cids.uids.unbound;
+    uid = config.cids.uids.unbound;
   };
   users.groups.unbound = {
-    gid = cids.gids.unbound;
+    gid = config.cids.gids.unbound;
   };
 
   security.acme.certs."${domain}" = {
@@ -176,10 +175,10 @@ in {
       users.users.unbound = {
         group = "unbound";
         isSystemUser = true;
-        uid = cids.uids.unbound;
+        uid = config.cids.uids.unbound;
       };
       users.groups.unbound = {
-        gid = cids.gids.unbound;
+        gid = config.cids.gids.unbound;
       };
       services.unbound = {
         enable = true;