diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..bc2151e --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,7 @@ +keys: + - &ravenshade age1zgd7qpj7vc4gjtetttqgp32aw75fmnjrw6ax2x2meul2w4jclytszvutdd +creation_rules: + - path_regex: secrets.yaml$ + key_groups: + - age: + - *ravenshade diff --git a/home/modules/default.nix b/home/modules/default.nix index 6b3f40b..471ad0f 100644 --- a/home/modules/default.nix +++ b/home/modules/default.nix @@ -14,6 +14,7 @@ ./easyeffects.nix ./lazygit.nix ./dunst.nix + ./sops.nix ]; nixpkgs.config.allowUnfree = true; diff --git a/home/modules/sops.nix b/home/modules/sops.nix new file mode 100644 index 0000000..a3208ee --- /dev/null +++ b/home/modules/sops.nix @@ -0,0 +1,30 @@ +{ lib, config, inputs, ... }: + +let + cfg = config.snowhawk.sops; + home = config.home.homeDirectory; +in +{ + imports = [ + inputs.sops-nix.homeManagerModules.sops + ]; + + options.snowhawk.sops = { + enable = lib.mkEnableOption "sops"; + }; + + config = lib.mkIf cfg.enable { + sops = { + age.keyFile = "${home}/.config/sops/age/keys.txt"; + + defaultSopsFile = ../../secrets.yaml; + validateSopsFiles = false; + + secrets = { + "private_keys/personal_git" = { + path = "${home}/.ssh/personal_git"; + }; + }; + }; + }; +} diff --git a/hosts/snowhawk/home.nix b/hosts/snowhawk/home.nix index 9fec582..5275031 100644 --- a/hosts/snowhawk/home.nix +++ b/hosts/snowhawk/home.nix @@ -18,6 +18,7 @@ in projects.enable = true; lazygit.enable = true; dunst.enable = true; + sops.enable = true; }; xsession.numlock.enable = true; diff --git a/secrets.yaml b/secrets.yaml new file mode 100644 index 0000000..dc19ce9 --- /dev/null +++ b/secrets.yaml 
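Review bot: The `age` key group under `creation_rules` lists a single recipient, `*ravenshade`, so one identity file is the only way to decrypt anything this rule matches, and the diff shows no backup key. Consider adding a second recipient whose identity is kept offline, e.g. `- &backup age1<backup-recipient-placeholder>` under `keys` and `- *backup` under `age`, then running `sops updatekeys secrets.yaml`. Separately, `path_regex: secrets.yaml$` is unanchored and its `.` matches any character, so it covers more paths than the one file. `path_regex: (^|/)secrets\.yaml$` states the intent exactly.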
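Review bot: `validateSopsFiles = false;` in the `sops` block of `home/modules/sops.nix` turns off sops-nix's evaluation-time check of the secrets file. As far as I can tell, a missing or renamed `private_keys/personal_git` entry would then only surface when the secret is decrypted at activation. `defaultSopsFile = ../../secrets.yaml;` is a Nix path, so the file is already copied into the store, which is the case that validation is meant for, and the override looks unnecessary. I would drop the line, or keep it with a comment giving the reason, e.g. `# validation disabled because <reason>`. A short comment above `age.keyFile` would also help, saying the key file must be provisioned out of band and readable only by the user, since it decrypts the SSH key exposed at `${home}/.ssh/personal_git`.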
@@ -0,0 +1,22 @@ +private_keys: + personal_git: ENC[AES256_GCM,data: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,iv:fUwoEgHb2Bat/qjnedfHVzso0qfRPXuelO26CFxdud0=,tag:bqHeF1R4+IHQ/a0urVXhIA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1zgd7qpj7vc4gjtetttqgp32aw75fmnjrw6ax2x2meul2w4jclytszvutdd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXOGRXY1JMN20wK2tvbmNU + eVQ4YitPUVRzZkRubnFORU1oemVkZVRSUW1nCnp2eFBoUjhsVXprMnllVCtZK29K + ajJ6VUJDeXlabjJ3ZDhGWC84aDh6ZzAKLS0tIEdPTnl6bHpOcE1XVVN1WU9EUkZm + SjZNOWNndEIrMDFZRnV3QlRheklvMncK5n4lzgSrEDQ0M8m4SAslQvl2vq39owY9 + s3SrXYCvQo6nsKKJMgaN0fnrSqxdSLbnrDYFchaF2fhdXozR8508PA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-07-09T04:04:27Z" + mac: ENC[AES256_GCM,data:DD/9KWi7rgtBa1gJBSoER2PrzFXTbkqL28yDgf6bT8uUo19N4ztm6XjzAfJuthTZPk2AuRY5J0LIiMPysHdyyCQzVlXJx7I26MQtZo+6McbGNar+rmpxOOhQE/fLV1itrJIw7vbK3SbFTycCvMt2LocQAH5H9vFhqFXJOwzbXjw=,iv:Ctp9fjHC8+F3CVyV1iVzva2BZ1rISEV5eThp1v7mb0c=,tag:IEDUeaqD7snFlk05PVeHaw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.0