diff --git a/tinyramfs b/tinyramfs
index 878c214..d8ca0f6 100755
--- a/tinyramfs
+++ b/tinyramfs
@@ -245,16 +245,12 @@ install_luks() {
         install_library /usr/lib/libgcc_s.so.1
 
     # copy luks header
-    [ -f "$luks_header" ] && {
+    [ -f "$luks_header" ] &&
         install -m400 "$luks_header" "${workdir}/root/luks_header"
-        luks_args="--header=/root/luks_header $luks_args"
-    }
 
     # copy luks keyfile
-    [ -f "$luks_keyfile" ] && {
+    [ -f "$luks_keyfile" ] &&
         install -m400 "$luks_keyfile" "${workdir}/root/luks_keyfile"
-        luks_args="--key-file=/root/luks_keyfile $luks_args"
-    }
 }
 
 install_driver() {
diff --git a/usr/share/tinyramfs/init b/usr/share/tinyramfs/init
index b53875d..b1ef0c8 100644
--- a/usr/share/tinyramfs/init
+++ b/usr/share/tinyramfs/init
@@ -89,7 +89,9 @@ findfs_sh() {
 }
 
 unlock_luks() {
-    [ "$luks_discard" = 1 ] && luks_args="--allow-discards $luks_args"
+    [ "$luks_discard" = 1   ] && luks_args="--allow-discards $luks_args"
+    [ -f /root/luks_header  ] && luks_args="--header=/root/luks_header $luks_args"
+    [ -f /root/luks_keyfile ] && luks_args="--key-file=/root/luks_keyfile $luks_args"
 
     cryptsetup $luks_args \
                luksOpen \
@@ -127,9 +129,10 @@ cleanup() {
 }
 
 boot_system() {
-    exec switch_root /mnt/root \
-                     ${init:-/sbin/init} ||
-                     panic "failed to boot system"
+    exec switch_root \
+         /mnt/root \
+         ${init:-/sbin/init} ||
+         panic "failed to boot system"
 }
 
 /sbin/busybox --install -s