From 56b471cdd4685ed07de58f17562408dbf676c890 Mon Sep 17 00:00:00 2001 From: Julian Mutter Date: Fri, 21 Mar 2025 21:45:26 +0100 Subject: [PATCH] Document sops usage in Readme --- Readme.org | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/Readme.org b/Readme.org index 06a1e2a..5b41575 100644 --- a/Readme.org +++ b/Readme.org @@ -12,3 +12,22 @@ The structure is managed by [[https://snowfall.org/guides/lib/quickstart/][Snowf and [[file:flake.nix]] was symlinked to file:~/.config/home-manager/flake.nix For deployment!! + +* Secrets management with sops +Full documentation here: https://github.com/Mic92/sops-nix + +** Edit secrets +#+begin_src sh +sops edit secrets/secrets.yaml +#+end_src + +** Authorize new device +- Generate public key from ssh -> Private age key generation not needed +#+begin_src sh +ssh-to-age < /etc/ssh/ssh_host_ed25519_key +#+end_src +- Add age public key to file:.sops.yaml +- Update keys +#+begin_src sh +sops updatekeys secrets/* +#+end_src
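Review bot: In the "Authorize new device" step, the command reads /etc/ssh/ssh_host_ed25519_key, which is the host's private key, while the bullet above it says the goal is the public key. ssh-to-age converts a public key from stdin unless -private-key is passed, and the private host key is normally readable only by root, so the documented command needs elevated rights and touches secret key material without needing to. Suggest documenting `ssh-to-age < /etc/ssh/ssh_host_ed25519_key.pub` instead, which runs unprivileged and prints the age recipient to add to .sops.yaml. It would also help to state on which machine each step runs: the conversion on the new device, the .sops.yaml edit and `sops updatekeys` on a device that can already decrypt the secrets.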