diff --git a/packages/bookwyrm/nixos-module.nix b/packages/bookwyrm/nixos-module.nix
index 96849ae..c8aaa21 100644
--- a/packages/bookwyrm/nixos-module.nix
+++ b/packages/bookwyrm/nixos-module.nix
@@ -25,16 +25,16 @@ with pkgs . kernelmaft ;
 					User=bookwyrm
 					Group=bookwyrm
 
-					ProtectSystem=strict
-					ProtectHome=tmpfs
-					PrivateTmp=disconnected
+					ProtectSystem="strict"
+					ProtectHome="tmpfs"
+					PrivateTmp="disconnected"
 					PrivateDevices=true
 					PrivateIPC=true
 					ProtectHostname=true
 					ProtectClock=true
 					ProtectKernelTunables=true
 					ProtectKernelModules=true
-					ProtectControlGroups=strict
+					ProtectControlGroups="strict"
 					RestrictNamespaces=true
 					LockPersonality=true
 					RestrictRealtime=true