diff --git a/flake.lock b/flake.lock index 2b5f77d..3530ec7 100644 --- a/flake.lock +++ b/flake.lock @@ -583,9 +583,30 @@ "hyprland": "hyprland", "nixpkgs": "nixpkgs_2", "nixvim": "nixvim", + "sops-nix": "sops-nix", "spotiflac-cli": "spotiflac-cli" } }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1772495394, + "narHash": "sha256-hmIvE/slLKEFKNEJz27IZ8BKlAaZDcjIHmkZ7GCEjfw=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "1d9b98a29a45abe9c4d3174bd36de9f28755e3ff", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, "spotiflac-cli": { "inputs": { "nixpkgs": "nixpkgs_4" diff --git a/flake.nix b/flake.nix index 62f0834..a599120 100644 --- a/flake.nix +++ b/flake.nix @@ -5,11 +5,14 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - nixvim = { url = "github:Superredstone/nixvim"; inputs.nixpkgs.follows = "nixpkgs"; }; + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; hyprland.url = "github:hyprwm/Hyprland"; spotiflac-cli.url = "github:Superredstone/spotiflac-cli"; }; @@ -20,6 +23,7 @@ home-manager, nixvim, spotiflac-cli, + sops-nix, ... }@inputs: let @@ -32,6 +36,7 @@ overlays nixvim spotiflac-cli + sops-nix inputs nixpkgs home-manager diff --git a/lib/mksystem.nix b/lib/mksystem.nix index be479a9..4c88b1d 100644 --- a/lib/mksystem.nix +++ b/lib/mksystem.nix @@ -3,6 +3,7 @@ overlays, nixvim, spotiflac-cli, + sops-nix, inputs, nixpkgs, home-manager, @@ -38,6 +39,7 @@ let enableZram = enableZram; nixvim = nixvim; spotiflac-cli = spotiflac-cli; + sops-nix = sops-nix; inputs = inputs; additionalModules = additionalModules; }; @@ -58,6 +60,7 @@ nixpkgs.lib.nixosSystem { home-manager.sharedModules = [ ]; } + sops-nix.nixosModules.sops machineConfig ] ++ additionalModules; diff --git a/modules/nix-config/security.nix b/modules/nix-config/security.nix index 7e00e3d..81cfdb4 100644 
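Review bot: The new `sops-nix` input in the first flake.nix hunk carries no comment saying why it deserves more care than the other inputs. Its module is what decrypts the secrets on the target machine, and the URL `github:Mic92/sops-nix` names no ref, so the `rev`/`narHash` pair added to flake.lock is the only thing fixing which code that is. I would add a line above the input such as `# handles secret decryption on the host; review flake.lock bumps of this input`. Going by the hunk's line counts, the lone `-` appears to delete the blank line between the `home-manager` and `nixvim` inputs, which looks unintentional.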
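Review bot: In lib/mksystem.nix, `sops-nix` is threaded through as its own argument (the parameter list, `sops-nix = sops-nix;`, and the matching lines in the second and third flake.nix hunks) although `inputs` is already passed along the same path. This mirrors how `nixvim` and `spotiflac-cli` are handled, but the module import could simply read `inputs.sops-nix.nixosModules.sops`. The `sops-nix = sops-nix;` line is only needed if some module takes `sops-nix` as an argument, which none of the visible lines do. The attribute set and the module list both start and end outside these hunks, so what the set is passed to cannot be seen from here.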
--- a/modules/nix-config/security.nix
+++ b/modules/nix-config/security.nix
@@ -4,4 +4,13 @@
 Defaults pwfeedback
 Defaults timestamp_timeout=120
 '';
+ sops = {
+ age.sshKeyPaths = [
+ "/etc/ssh/ssh_host_ed25519_key"
+ ];
+ defaultSopsFile = ../../secrets/default.sops.yaml;
+ secrets = {
+ "wifi_password" = { };
+ };
+ };
 }
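Review bot: `age.sshKeyPaths` makes `/etc/ssh/ssh_host_ed25519_key` the only decryption identity, so every machine that imports this module needs that file to exist before activation and needs its derived age public key listed as a recipient of `secrets/default.sops.yaml`; a machine without OpenSSH host keys, or one whose host key was regenerated on reinstall, would not be able to decrypt. If this module is shared between machines (the path `modules/nix-config/` suggests so), each of them can also read every secret in the default file, so per-host secrets may want their own `sopsFile`. Nothing in the hunk consumes `wifi_password`; whatever does should point at `config.sops.secrets.wifi_password.path` at runtime rather than read the value during evaluation, which would copy the plaintext into the world-readable Nix store. I would add a comment above `age.sshKeyPaths` such as `# age identity derived from the SSH host key; each host's key must be a recipient in .sops.yaml`. The enclosing attribute set opens outside the hunk.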