diff --git a/flake.lock b/flake.lock
index ffd5dbb..ad61867 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,27 @@
 {
 "nodes": {
+ "agenix": {
+ "inputs": {
+ "darwin": "darwin",
+ "home-manager": "home-manager",
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1696775529,
+ "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=",
+ "owner": "ryantm",
+ "repo": "agenix",
+ "rev": "daf42cb35b2dc614d1551e37f96406e4c4a2d3e4",
+ "type": "github"
+ },
+ "original": {
+ "owner": "ryantm",
+ "repo": "agenix",
+ "type": "github"
+ }
+ },
 "aurora-blog-template": {
 "inputs": {
 "nixpkgs": [
@@ -20,6 +42,28 @@
 "type": "github"
 }
 },
+ "darwin": {
+ "inputs": {
+ "nixpkgs": [
+ "agenix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1673295039,
+ "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
+ "owner": "lnl7",
+ "repo": "nix-darwin",
+ "rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
+ "type": "github"
+ },
+ "original": {
+ "owner": "lnl7",
+ "ref": "master",
+ "repo": "nix-darwin",
+ "type": "github"
+ }
+ },
 "denbot": {
 "inputs": {
 "nixpkgs": [
@@ -41,6 +85,27 @@
 }
 },
 "home-manager": {
+ "inputs": {
+ "nixpkgs": [
+ "agenix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1682203081,
+ "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
+ "owner": "nix-community",
+ "repo": "home-manager",
+ "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "home-manager",
+ "type": "github"
+ }
+ },
+ "home-manager_2": {
 "inputs": {
 "nixpkgs": [
 "nixpkgs"
@@ -94,9 +159,10 @@
 },
 "root": {
 "inputs": {
+ "agenix": "agenix",
 "aurora-blog-template": "aurora-blog-template",
 "denbot": "denbot",
- "home-manager": "home-manager",
+ "home-manager": "home-manager_2",
 "nixos-hardware": "nixos-hardware",
 "nixpkgs": "nixpkgs",
 "website": "website"
diff --git a/flake.nix b/flake.nix
index 3d761f9..fdf8383 100644
--- a/flake.nix
+++ b/flake.nix
@@ -20,6 +20,10 @@
 url = "github:thiloho/discord-bot";
 inputs.nixpkgs.follows = "nixpkgs";
 };
+ agenix = {
+ url = "github:ryantm/agenix";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
 };
 outputs = inputs@{ nixpkgs, home-manager, nixos-hardware, ... }: {
diff --git a/nixos-configurations/server/default.nix b/nixos-configurations/server/default.nix
index 81a19e8..fdc9b92 100644
--- a/nixos-configurations/server/default.nix
+++ b/nixos-configurations/server/default.nix
@@ -2,6 +2,7 @@
 {
 imports = [
+ inputs.agenix.nixosModules.default
 ./hardware-configuration.nix
 ../shared.nix
 ];
@@ -144,7 +145,10 @@
 ];
 home-manager.users.thiloho = { pkgs, lib, ... }: {
- home.stateVersion = "23.05";
+ home = {
+ stateVersion = "23.05";
+ packages = [ inputs.agenix.packages."x86_64-linux".default ];
+ };
 };
 system.stateVersion = "23.05";
 }
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
new file mode 100644
index 0000000..4402453
--- /dev/null
+++ b/secrets/secrets.nix
@@ -0,0 +1,7 @@
+let
+ server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHzBBw5pNpuCg1e9cJcQfcxKuTFZ0cleMkEiRZDxE+qQ thiloho@server";
+in
+{
+ "hedgedoc-environment-file.age".publicKeys = [ server ];
+ "discord-bot-token.age".publicKeys = [ server ];
+}
\ No newline at end of file
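Review bot: The new `agenix` input in flake.nix pins only `nixpkgs`, so agenix's own `darwin` and `home-manager` inputs are resolved and locked separately; the flake.lock hunks show a new `darwin` node, a second home-manager node, and the root one renamed to `home-manager_2`. Each extra locked input is third-party source the flake fetches and trusts, and it has to be updated and audited on its own. This flake already declares `home-manager` and the visible configuration targets `x86_64-linux`, so consider adding `inputs.home-manager.follows = "home-manager";` and `inputs.darwin.follows = "";` inside the `agenix` block. The enclosing `inputs` set starts outside the hunk.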
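Review bot: The added `packages` line in nixos-configurations/server/default.nix hard-codes `"x86_64-linux"`, which has to be kept in step with the host platform by hand. The function already receives `pkgs`, so `packages = [ inputs.agenix.packages.${pkgs.stdenv.hostPlatform.system}.default ];` picks the matching build without the literal. A one-line comment such as `# agenix CLI, used to create and edit the .age files under secrets/` would also record why an encryption tool is installed for this user on the server. The enclosing module body starts and ends outside the hunk.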
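Review bot: The only recipient in secrets/secrets.nix, `server`, carries the key comment `thiloho@server`, which suggests a user key rather than the machine's SSH host key. The agenix module decrypts at activation with the keys in `age.identityPaths`, which defaults to the OpenSSH host keys, so if this is a user key the two secrets will not decrypt unless `age.identityPaths` points at the matching private key; nothing in the visible hunks sets it. A single recipient also means the files can only be edited or rekeyed where that one private key lives and are unrecoverable if it is lost, so consider listing the server's host key plus a separate admin key, e.g. `publicKeys = [ server admin ];` (constructed example). A short comment above `server` stating which key it is and where its private half is stored would make this reviewable.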