diff --git a/hosts/srv-public/default.nix b/hosts/srv-public/default.nix
index 585bcc7..88e13f5 100644
--- a/hosts/srv-public/default.nix
+++ b/hosts/srv-public/default.nix
@@ -29,7 +29,7 @@
           sshd = true;
           caddy = true;
         };
-        bouncer.firewall = true;
+        bouncers.firewall = true;
       };
 
       forgejo = {
diff --git a/modules/system/services/crowdsec.nix b/modules/system/services/crowdsec.nix
index 4323adf..0e5faab 100644
--- a/modules/system/services/crowdsec.nix
+++ b/modules/system/services/crowdsec.nix
@@ -11,9 +11,9 @@ let
   user = config.users.users.crowdsec.name;
 in
 {
-  imports = [
-    inputs.crowdsec.nixosModules.crowdsec
-    inputs.crowdsec.nixosModules.crowdsec-firewall-bouncer
+  imports = with inputs.crowdsec.nixosModules; [
+    crowdsec
+    crowdsec-firewall-bouncer
   ];
 
   options.custom.services.crowdsec = {
@@ -31,7 +31,7 @@ in
       caddy = lib.mkEnableOption "";
       sshd = lib.mkEnableOption "";
     };
-    bouncer.firewall = lib.mkEnableOption "";
+    bouncers.firewall = lib.mkEnableOption "";
   };
 
   config = lib.mkIf cfg.enable {
@@ -77,7 +77,7 @@ in
           ];
       };
 
-      crowdsec-firewall-bouncer = {
+      crowdsec-firewall-bouncer = lib.mkIf cfg.bouncers.firewall {
         enable = true;
         package = inputs.crowdsec.packages.${pkgs.system}.crowdsec-firewall-bouncer;
         settings = {
@@ -120,9 +120,11 @@ in
           fi
         '';
       in
-      lib.mkAfter [
-        collectionsScript
-        bouncerScript
-      ];
+      lib.mkAfter (
+        lib.concatLists [
+          (lib.singleton collectionsScript)
+          (lib.optional cfg.bouncers.firewall bouncerScript)
+        ]
+      );
   };
 }