diff --git a/Readme.org b/Readme.org index 06a1e2a..5b41575 100644 --- a/Readme.org +++ b/Readme.org @@ -12,3 +12,22 @@ The structure is managed by [[https://snowfall.org/guides/lib/quickstart/][Snowf and [[file:flake.nix]] was symlinked to file:~/.config/home-manager/flake.nix For deployment!! + +* Secrets management with sops +Full documentation here: https://github.com/Mic92/sops-nix + +** Edit secrets +#+begin_src sh +sops edit secrets/secrets.yaml +#+end_src + +** Authorize new device +- Generate public key from ssh -> Private age key generation not needed +#+begin_src sh +ssh-to-age < /etc/ssh/ssh_host_ed25519_key +#+end_src +- Add age public key to file:.sops.yaml +- Update keys +#+begin_src sh +sops updatekeys secrets/* +#+end_src
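Review bot: in the "Authorize new device" step, the command `ssh-to-age < /etc/ssh/ssh_host_ed25519_key` reads the host's private key file, while the bullet above it says a public key is being generated and that no private age key is needed. The public half sits next to it with a `.pub` suffix, so `ssh-to-age < /etc/ssh/ssh_host_ed25519_key.pub` matches the stated intent, does not require root, and keeps the private host key out of a copy-paste command in the README. The following bullets could also say that the output of this command is the age recipient to add to .sops.yaml, and that `sops updatekeys` has to be run from a device that can already decrypt the files, since the new device cannot authorize itself.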