diff --git a/configs/home-manager/email.nix b/configs/home-manager/email.nix
index 27c6a18..35caa95 100644
--- a/configs/home-manager/email.nix
+++ b/configs/home-manager/email.nix
@@ -28,7 +28,7 @@
 address = "gabevenberg@gmail.com";
 primary = true;
 flavor = "gmail.com";
- passwordCommand = "cat ~/keys/plaintext/gmail";
+ passwordCommand = "cat ${config.sops.secrets.gmail-password.path}";
 realName = "Gabe Venberg";
 himalaya.enable = true;
diff --git a/configs/home-manager/secrets.nix b/configs/home-manager/secrets.nix
new file mode 100644
index 0000000..f1a94da
--- /dev/null
+++ b/configs/home-manager/secrets.nix
@@ -0,0 +1,19 @@
+{
+ inputs,
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ secretsDirectory = builtins.toString inputs.nix-secrets;
+in {
+ sops = {
+ defaultSopsFile = "${secretsDirectory}/common.yaml";
+ validateSopsFiles = false;
+ age = {
+ sshKeyPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"];
+ keyFile = "${config.home.homeDirectory}/.config/sops-nix/key.txt";
+ generateKey = true;
+ };
+ };
+}
diff --git a/configs/home-manager/sops.nix b/configs/home-manager/sops.nix
index 293619c..cfc9463 100644
--- a/configs/home-manager/sops.nix
+++ b/configs/home-manager/sops.nix
@@ -11,12 +11,12 @@ in {
 inputs.sops-nix.homeManagerModules.sops
 ];
- sops={
- defaultSopsFile="${secretsPath}/secrets.yaml";
- age={
- sshKeyPaths=["${config.home.homeDirectory}/keys/age/master.txt"];
- keyFile="/var/lib/sops-nix/key.txt";
- generateKey=true;
+ sops = {
+ defaultSopsFile = "${secretsPath}/secrets.yaml";
+ age = {
+ sshKeyPaths = ["${config.home.homeDirectory}/keys/age/master.txt"];
+ keyFile = "/var/lib/sops-nix/key.txt";
+ generateKey = true;
 };
 };
 }
diff --git a/configs/home-manager/tiny-irc.nix b/configs/home-manager/tiny-irc.nix
index 366682b..e0e0bb0 100644
--- a/configs/home-manager/tiny-irc.nix
+++ b/configs/home-manager/tiny-irc.nix
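Review bot: The new `passwordCommand` stops reading `~/keys/plaintext/gmail`, but nothing in the commit removes that file, so the credential keeps sitting unencrypted on every machine that had it until someone deletes it by hand; since it lived in the clear, it is also worth rotating before the fresh value goes into workstations.yaml. The line now depends on a secret the host has to declare, which is not stated anywhere in email.nix; a comment above it such as `# gmail-password must be declared by the host (sops.secrets.gmail-password.sopsFile), see hosts/home-personal.nix` would make the contract visible. The account attrset containing this line starts and ends outside the hunk.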
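Review bot: The new secrets.nix binds `lib` and `pkgs` without using them, and unlike the existing sops.nix it does not import `inputs.sops-nix.homeManagerModules.sops` itself, so every host has to add that module separately (hosts/archlaptop-vm/default.nix via `home-manager.sharedModules`, hosts/home-personal.nix and hosts/home-workstation.nix in `imports`); adding `imports = [inputs.sops-nix.homeManagerModules.sops];` here would remove that repetition. sops.nix in the same directory still sets `sops.defaultSopsFile` and `sops.age.*` to different values, so any home that imports both files will fail with conflicting definitions — it looks like it should be retired or made to import this one. `validateSopsFiles = false` also means a missing or unparsable sops file is only caught at activation rather than at evaluation; a one-line comment saying why it is disabled (presumably because `secretsDirectory` is a string rather than a Nix path) would help the next reader.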
@@ -31,7 +31,7 @@
 ];
 sasl = {
 username = "toric";
- pem = "${config.home.homeDirectory}/keys/certs/irc.pem";
+ pem = config.sops.secrets.irc-cert.path;
 };
 }
 ];
diff --git a/configs/nixos/secrets.nix b/configs/nixos/secrets.nix
index d9c2cd4..387db41 100644
--- a/configs/nixos/secrets.nix
+++ b/configs/nixos/secrets.nix
@@ -13,5 +13,10 @@ in {
 sops = {
 defaultSopsFile = "${secretsDirectory}/common.yaml";
 validateSopsFiles = false;
+ age = {
+ sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+ keyFile = "/var/lib/sops-nix/key.txt";
+ generateKey = true;
+ };
 };
 }
diff --git a/flake.lock b/flake.lock
index 2325b3c..3567a07 100644
--- a/flake.lock
+++ b/flake.lock
@@ -240,10 +240,10 @@
 "nix-secrets": {
 "flake": false,
 "locked": {
- "lastModified": 1717206943,
- "narHash": "sha256-TtBaZMGhA8fkQbt/RKJml992JFr/sdz4gqdIJeu6ltk=",
+ "lastModified": 1717515079,
+ "narHash": "sha256-R9oet/t4zJnLKYw5ZPq6WOaKNF+EMejlgr4+Y98FbzY=",
 "ref": "refs/heads/main",
- "rev": "3e19bf8fce17779c5f6fce5f8f894de8a5193fa2",
+ "rev": "a3bd4bad51a5b753f75dc8ff0c09140331320863",
 "shallow": true,
 "type": "git",
 "url": "ssh://git@git.venberg.xyz:7920/Gabe/nix-secrets.git"
diff --git a/flake.nix b/flake.nix
index 6449e46..e8b9e1d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -82,7 +82,7 @@
 }
 );
- lib=configLib;
+ lib = configLib;
 homeManagerModules = import ./modules/home-manager;
diff --git a/hosts/archlaptop-vm/default.nix b/hosts/archlaptop-vm/default.nix
index 02e99ec..e4a880c 100644
--- a/hosts/archlaptop-vm/default.nix
+++ b/hosts/archlaptop-vm/default.nix
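Review bot: `pem = config.sops.secrets.irc-cert.path;` is evaluated unconditionally, so a home that imports tiny-irc.nix without declaring `sops.secrets.irc-cert` now fails with a bare "attribute 'irc-cert' missing" instead of a message naming the requirement; hosts/home-personal.nix and hosts/home-workstation.nix do declare it, but the role that used to pull this file in (roles/home-manager/terminal.nix) no longer does, so the coupling is easy to miss. A comment above the line would record the contract: `# SASL client certificate; the importing host must declare sops.secrets.irc-cert (see hosts/home-workstation.nix).` The `sasl` attrset and the enclosing module begin and end outside the hunk.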
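Review bot: The added `age` block makes the SSH host key at `/etc/ssh/ssh_host_ed25519_key` the decryption identity for everything in `common.yaml`, and nothing in the hunk documents that; each NixOS host's age recipient derived from that key has to be in the nix-secrets recipient list before the first rebuild, or decryption at activation fails. A comment on `sshKeyPaths` such as `# host SSH key doubles as the age identity; its recipient must be added to nix-secrets before deploying` would capture that. The generated `/var/lib/sops-nix/key.txt` is an unencrypted age identity, so it should be excluded from any backup that leaves the host.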
@@ -44,14 +44,14 @@ inputs.nixpkgs.lib.nixosSystem {
 };
 users.users.root.openssh.authorizedKeys.keys =
- configLib.dirToStrings "${inputs.nix-secrets}/public-keys";
+ configLib.dirToStrings "${inputs.nix-secrets}/public-keys";
 programs.zsh.enable = true;
 environment.shells = with pkgs; [zsh];
- users.mutableUsers=false;
+ users.mutableUsers = false;
 # Define a user account. Don't forget to set a password with ‘passwd’.
 users.users.${config.host.user} = {
- hashedPasswordFile=config.sops.secrets.gv-password.path;
+ hashedPasswordFile = config.sops.secrets.gv-password.path;
 isNormalUser = true;
 description = "Gabe Venberg";
 shell = pkgs.zsh;
@@ -62,6 +62,9 @@ inputs.nixpkgs.lib.nixosSystem {
 ];
 };
+ home-manager.sharedModules = [
+ inputs.sops-nix.homeManagerModules.sops
+ ];
 home-manager.users.${config.host.user} = {
 inputs,
 osConfig,
@@ -82,7 +85,15 @@ inputs.nixpkgs.lib.nixosSystem {
 ../../configs/home-manager/common.nix
 ../../configs/home-manager/email.nix
 inputs.nixvim.homeManagerModules.nixvim
+ ../../configs/home-manager/secrets.nix
 ];
+
+ sops = {
+ secrets = {
+ gmail-password.sopsFile = "${inputs.nix-secrets}/workstations.yaml";
+ irc-cert.sopsFile = "${inputs.nix-secrets}/workstations.yaml";
+ };
+ };
 };
 # Enable the OpenSSH daemon.
 services.openssh.enable = true;
diff --git a/hosts/archlaptop-vm/secrets.nix b/hosts/archlaptop-vm/secrets.nix
index 8fdd872..e565f76 100644
--- a/hosts/archlaptop-vm/secrets.nix
+++ b/hosts/archlaptop-vm/secrets.nix
@@ -5,8 +5,8 @@
 pkgs,
 ...
 }: {
- imports=[
- ../../configs/nixos/secrets.nix
+ imports = [
+ ../../configs/nixos/secrets.nix
 ];
 sops.secrets.gv-password = {
 neededForUsers = true;
diff --git a/hosts/home-personal.nix b/hosts/home-personal.nix
index 740ea77..9e27668 100644
--- a/hosts/home-personal.nix
+++ b/hosts/home-personal.nix
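Review bot: The `sops.secrets.*.sopsFile` declarations added in the third hunk are repeated verbatim in hosts/home-personal.nix and hosts/home-workstation.nix, so the secret names and the `workstations.yaml` location now live in three places that can drift independently. Since email.nix and tiny-irc.nix are the modules that dereference `gmail-password` and `irc-cert`, declaring the `sopsFile` next to the consumer (if `inputs` is reachable there) or setting a workstation-wide `sops.defaultSopsFile` in a shared module would leave the hosts with only the import. The `home-manager.users.${config.host.user}` block that the third hunk edits starts outside the hunk.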
@@ -37,8 +37,18 @@ inputs.home-manager.lib.homeManagerConfiguration {
 ../configs/home-manager/common.nix
 ../configs/home-manager/syncthing.nix
 ../configs/home-manager/email.nix
+ ../../configs/home-manager/tiny-irc.nix
 ../configs/home-manager/terminal/voice.nix
+ ../configs/home-manager/secrets.nix
+ inputs.sops-nix.homeManagerModules.sops
 ];
+
+ sops = {
+ secrets = {
+ gmail-password.sopsFile = "${inputs.nix-secrets}/workstations.yaml";
+ irc-cert.sopsFile = "${inputs.nix-secrets}/workstations.yaml";
+ };
+ };
 })
 inputs.nixvim.homeManagerModules.nixvim
 ];
diff --git a/hosts/home-workstation.nix b/hosts/home-workstation.nix
index c92506c..282cb44 100644
--- a/hosts/home-workstation.nix
+++ b/hosts/home-workstation.nix
@@ -41,7 +41,16 @@ inputs.home-manager.lib.homeManagerConfiguration {
 ../roles/home-manager/terminal.nix
 ../configs/home-manager/common.nix
 ../configs/home-manager/syncthing.nix
+ ../../configs/home-manager/tiny-irc.nix
+ ../configs/home-manager/secrets.nix
+ inputs.sops-nix.homeManagerModules.sops
 ];
+
+ sops = {
+ secrets = {
+ irc-cert.sopsFile = "${inputs.nix-secrets}/workstations.yaml";
+ };
+ };
 })
 ];
 }
diff --git a/hosts/workstation-vm/secrets.nix b/hosts/workstation-vm/secrets.nix
index 8fdd872..e565f76 100644
--- a/hosts/workstation-vm/secrets.nix
+++ b/hosts/workstation-vm/secrets.nix
@@ -5,8 +5,8 @@
 pkgs,
 ...
 }: {
- imports=[
- ../../configs/nixos/secrets.nix
+ imports = [
+ ../../configs/nixos/secrets.nix
 ];
 sops.secrets.gv-password = {
 neededForUsers = true;
diff --git a/roles/home-manager/terminal.nix b/roles/home-manager/terminal.nix
index 49e1777..c50109b 100644
--- a/roles/home-manager/terminal.nix
+++ b/roles/home-manager/terminal.nix
@@ -8,7 +8,6 @@
 ./minimal-terminal.nix
 ../../configs/home-manager/nushell
 ../../configs/home-manager/starship.nix
- ../../configs/home-manager/tiny-irc.nix
 ];
 user = {
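Review bot: `../../configs/home-manager/tiny-irc.nix` in the `imports` of hosts/home-personal.nix resolves relative to `hosts/`, i.e. one level above the repository, while every sibling entry uses `../configs/…`; the same line is added to hosts/home-workstation.nix, and both will fail evaluation as a path outside the flake source. Both should read `../configs/home-manager/tiny-irc.nix`. This looks like a copy of the entry removed from roles/home-manager/terminal.nix, where `../../` was correct because that file sits one directory deeper. Each `imports` list belongs to a module whose header is outside the hunk.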