diff --git a/common/tooling/apparmor/aa-alias-module.nix b/common/tooling/apparmor/aa-alias-module.nix
index 9f5a09f..48539da 100644
--- a/common/tooling/apparmor/aa-alias-module.nix
+++ b/common/tooling/apparmor/aa-alias-module.nix
@@ -1,17 +1,25 @@
-{ config, lib, pkgs, ... }: let
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+let
 inherit (lib) getExe;
- aa-alias-manager = pkgs.callPackage ./aa-alias-manager-package.nix {};
+ aa-alias-manager = pkgs.callPackage ./aa-alias-manager-package.nix { };
 alias_dir = "/run/aliases.d";
-in {
+in
+{
 config = {
 security.apparmor.includes."tunables/alias.d/store" = ''
 include if exists "${alias_dir}"
 '';
 systemd.services.aa-alias-setup = {
- wantedBy = [ "apparmor.service" ];
+ before = [ "apparmor.service" ];
+ requiredBy = [ "apparmor.service" ];
 path = [ config.nix.package ]; # respect the users choice to use alternative nix implementations
-
+
 serviceConfig = {
 Type = "oneshot";
 ExecStart = "${getExe aa-alias-manager} -o ${alias_dir} -p ${./aa-alias-patterns.json}";
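Review bot: Replacing `wantedBy` with `requiredBy` plus `before` on `aa-alias-setup` changes the failure mode, and nothing in the module documents it. Under systemd's Requires=/After= pairing, `apparmor.service` is not started when the oneshot fails, so a broken alias run would leave profiles unloaded instead of loaded without aliases. The include just above is `include if exists`, which suggests a missing alias directory was meant to be tolerable. If blocking AppArmor is the intended trade-off, state it next to the dependency, e.g. `# requiredBy: apparmor.service must not start without store aliases; a failed alias run blocks profile loading`. The `serviceConfig` block continues outside the hunk, so settings such as `RemainAfterExit` cannot be checked from here.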