diff --git a/mail-server/script/create_dkim_certificate b/mail-server/script/create_dkim_certificate
new file mode 100644
index 0000000..bb95d33
--- /dev/null
+++ b/mail-server/script/create_dkim_certificate
@@ -0,0 +1,14 @@
+# Create dkim dir
+mkdir -p "${cfg.dkimKeyDirectory}"
+chown rmilter:rmilter "${cfg.dkimKeyDirectory}"
+
+if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ]
+then
+
+  ${pkgs.opendkim}/bin/opendkim-genkey -s "${cfg.dkimSelector}" \
+                                       -d ${cfg.domain} \
+                                       --directory="${cfg.dkimKeyDirectory}"
+  chown rmilter:rmilter "${dkim_key}"
+fi
+
+# vim: set filetype=sh
diff --git a/mail-server/systemd.nix b/mail-server/systemd.nix
index 5ebf3ee..42ea05e 100644
--- a/mail-server/systemd.nix
+++ b/mail-server/systemd.nix
@@ -25,21 +25,7 @@ let
 
   dkim_key = "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.private";
   dkim_txt = "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.txt";
-  create_dkim_cert =
-        ''
-          # Create dkim dir
-          mkdir -p "${cfg.dkimKeyDirectory}"
-          chown rmilter:rmilter "${cfg.dkimKeyDirectory}"
-
-          if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ]
-          then
-
-              ${pkgs.opendkim}/bin/opendkim-genkey -s "${cfg.dkimSelector}" \
-                                                   -d ${cfg.domain} \
-                                                   --directory="${cfg.dkimKeyDirectory}"
-              chown rmilter:rmilter "${dkim_key}"
-          fi
-        '';
+  create_dkim_cert = builtins.readFile ./script/create_dkim_certificate;
 in
 {
   config = with cfg; lib.mkIf enable {