diff --git a/common/home.nix b/common/home.nix
index 433f405d..9d711114 100644
--- a/common/home.nix
+++ b/common/home.nix
@@ -38,13 +38,14 @@ in {
       # ./wezterm.nix
       # ./goread.nix
       # ./zellij.nix
-      ./kitty.nix
-      ./gui.nix
-      ./auth.nix
-      ./tmux.nix
-      ./nvim.nix
-      ./ncmpcpp.nix
       ../modules
+      ./auth.nix
+      ./gui.nix
+      ./kitty.nix
+      ./ncmpcpp.nix
+      ./nvim.nix
+      ./sops.nix
+      ./tmux.nix
     ]
     ++ lib.optionals device.isLinux [../linux]
     # ++ lib.optionals.device.isMac [../macos]
@@ -350,7 +351,7 @@ in {
             type = "openai-compatible";
             name = "llama";
             api_base = "https://llama.darksailor.dev/api/v1";
-            api_key_cmd = "op item get llama-api --fields label=credential --reveal";
+            api_key_cmd = "cat ${config.sops.secrets."llama/api_key".path}";
             models = [
               {
                 name = "qwen_2_5_1";
@@ -361,7 +362,7 @@ in {
             type = "openai-compatible";
             name = "ollama";
             api_base = "https://llama.darksailor.dev/api/ollama/v1";
-            api_key_cmd = "op item get llama-api --fields label=credential --reveal";
+            api_key_cmd = "cat ${config.sops.secrets."llama/api_key".path}";
             models = [
               {
                 name = "RobinBially/nomic-embed-text-8k";
@@ -377,7 +378,7 @@ in {
             type = "openai";
             name = "openai";
             api_base = "https://api.openai.com/v1";
-            api_key_cmd = "op item get 'OpenAI API Token' --fields label='api key' --reveal";
+            api_key_cmd = "cat ${config.sops.secrets."openai/api_key".path}";
             models = [
               {
                 name = "gpt-3.5-turbo";
diff --git a/common/sops.nix b/common/sops.nix
new file mode 100644
index 00000000..efc8feaa
--- /dev/null
+++ b/common/sops.nix
@@ -0,0 +1,17 @@
+{
+  config,
+  pkgs,
+  inputs,
+  ...
+}: {
+  imports = [
+    inputs.sops-nix.homeManagerModules.sops
+  ];
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    defaultSopsFormat = "yaml";
+    age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
+    secrets."llama/api_key" = {};
+    secrets."openai/api_key" = {};
+  };
+}
diff --git a/darwin/configuration.nix b/darwin/configuration.nix
index 771b5e94..9b29ac96 100644
--- a/darwin/configuration.nix
+++ b/darwin/configuration.nix
@@ -1,4 +1,8 @@
-{pkgs, ...}: {
+{
+  config,
+  pkgs,
+  ...
+}: {
   imports = [./yabai.nix ./skhd.nix];
 
   # environment.systemPackages = with pkgs; [nix neovim];
diff --git a/deck.nix b/deck.nix
new file mode 100644
index 00000000..53dc32c4
--- /dev/null
+++ b/deck.nix
@@ -0,0 +1,16 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  programs = {home-manager.enable = true;};
+  home = {
+    username = "deck";
+    homeDirectory = "/home/deck";
+    packages = with pkgs; [
+      _1password-cli
+      tailscale
+    ];
+    stateVersion = "24.11";
+  };
+}
diff --git a/flake.lock b/flake.lock
index bc8249b9..87b21074 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1816,7 +1816,7 @@
       },
       "locked": {
         "lastModified": 1,
-        "narHash": "sha256-8f299/5umLrM/pBs1qOpXuudN0A7oZ9oHfqcwEbDV8w=",
+        "narHash": "sha256-JDi/Z1w+n+XPxn123PJ0IVlAconqEM9T7GDKjKCDE5Y=",
         "path": "./neovim",
         "type": "path"
       },
diff --git a/flake.nix b/flake.nix
index 732d1964..c4ee37b8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -148,6 +148,7 @@
         system = "x86_64-linux";
         user = "deck";
         hasGui = false; # Don't wan't to run GUI apps on the SteamDeck
+        isServer = true;
       }
     ];
 
@@ -207,8 +208,23 @@
     homeConfigurations = let
       devices = linux_devices;
     in
-      import ./linux/device.nix {
+      (import ./linux/device.nix {
         inherit devices inputs nixpkgs home-manager overlays;
+      })
+      // {
+        deck = let
+          pkgs = import inputs.nixpkgs {
+            inherit overlays;
+            system = "x86_64-linux";
+          };
+        in
+          home-manager.lib.homeManagerConfiguration {
+            inherit pkgs;
+            extraSpecialArgs = {
+              inherit inputs;
+            };
+            modules = [{nixpkgs.config.allowUnfree = true;} ./deck.nix];
+          };
       };
 
     packages = inputs.neovim.packages;
@@ -245,6 +261,14 @@
             user = "root";
           };
         };
+        deck = {
+          hostname = "192.168.1.52";
+          profiles.system = {
+            sshUser = "deck";
+            path = inputs.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurations.deck;
+            user = "deck";
+          };
+        };
       };
     };
 
diff --git a/neovim/nvim.nix b/neovim/nvim.nix
index 76f27e6b..450a530b 100644
--- a/neovim/nvim.nix
+++ b/neovim/nvim.nix
@@ -525,8 +525,8 @@ in rec {
         "<leader>bb" = "require'dap'.toggle_breakpoint";
         "<leader>du" = "require'dapui'.toggle";
         "<leader>fb" = "require'telescope'.extensions.file_browser.file_browser";
-        "<leader>ff" = "require'yazi'.yazi";
-        "<leader>fg" = "require'telescope.builtin'.find_files";
+        "<leader>fg" = "require'yazi'.yazi";
+        "<leader>ff" = "require'telescope.builtin'.find_files";
         "<leader>gg" = "require'telescope.builtin'.live_grep";
         "<leader>;" = "require'telescope.builtin'.buffers";
         "zR" = "require'ufo'.openAllFolds";
diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml
index 02ad0880..97b43fd5 100644
--- a/secrets/secrets.yaml
+++ b/secrets/secrets.yaml
@@ -3,6 +3,8 @@ nextcloud:
 llama:
     user: ENC[AES256_GCM,data:qWbhnc/XLotWzqbEa6ekuMe5kD/GwC9SW8omXvgWqCG1BPPCOI3DtlS4YqKxsIhYmw8MQw+4DPnaWHqjrbIsVSrQ79M=,iv:VeqkKb1N9NSKfuilG6dzYdha8cO4JqJ+YUzmkjrPU+0=,tag:SYwR1oU6VWzNoCBPsMg0uQ==,type:str]
     api_key: ENC[AES256_GCM,data:wib+xbb25sTY2K9pacc1mU5eVSyQRurHiCMZyDVSqCAmG4yjkzEykvBevpThNbTZlsk6GZuK4hH0SYJM,iv:GTU6CQ83chXHAuuL0bFMf4L+UWqlcVfXnEE0/SxLzj4=,tag:0LkOSQsuuQd6TK3KHE95TA==,type:str]
+openai:
+    api_key: ENC[AES256_GCM,data:d6z9TySB6r2myUYu4u9aZwdoy1qL+DdU4MIuel1lFMMKD4XAqn5U9Vc3t5sJ/E3hDXud,iv:500n8CY8Qd/tg+MuT+RDRAyjgy6E9Aolud/2KrRyyqk=,tag:nCowF/czJMkYoNuSl1c3ZA==,type:str]
 authelia:
     users:
         servius: ENC[AES256_GCM,data:CLhthyoNV1JwrSJubnQ60mIcKHlQm4j4rMJOzraKTYJytdFadbUHHNu9rTGOOEnf8Bp66zWHwb7Nw8djEjCyGjmS2mz4kke9xg/2pIePCcnMVAvjMvrrqDqW7ictz/pRbg==,iv:rvk/Hrq7/JGA7MucBfU6jGBmnwnpKlg/HgqJlxC8/DI=,tag:OeqbIfbnkNiOeJrnk5BWXQ==,type:str]
@@ -31,8 +33,8 @@ sops:
             VGZKdHpVeFRpQUxtSEkyaEhLMlBJcGsKLb0DvPNZosPBUuiX6qz1s5IO5INQh8CK
             ZtXTVClwMSmaUYhdSB2gKFrKVZHXTJZ4oAL5t/BpC0pOHyr+o96T3Q==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-11-25T09:41:19Z"
-    mac: ENC[AES256_GCM,data:F/SCUd9krIKKF7Ro7bFQJsavpRQW/gg+ISmH+ZIr5nR6i9Cyj0+hXYBJXE8cyyPmqSevFvbJjukrmPEybsKr6svHbsUifoxcMSsSZPMgDTjmOrrzpy0P1SrZhm+5aypXIgnvZG95C4tEvaciDOY1pwiRfCkEGisAH6QYStLZkYQ=,iv:cAJd0jjS5RCi+gvcUYC0AvXl5tfEylCx1XGknbpNZSE=,tag:cKW7Q5guq15wAYzO/yDhSw==,type:str]
+    lastmodified: "2024-12-06T06:02:42Z"
+    mac: ENC[AES256_GCM,data:kMwp48xQ8Fn1nWJOajspJqVTNadEgTtfhIGfUVhCiaZzlaF7Jrw/3Vk9vM80n1HxAF56c7kSFTkJxEeuwL/ltv6RyAJOIes64rXcJuFFYF0KEWQwmDPFqZP6t7gqfC7zXh6PXJ8Sbng7Mv6p/jesfLEPFtUiIPpzegeig1ebzPE=,iv:18YVAPP0GyCF6yA2sVXaQ/wx3sXRY1sLAbE1iX4Fw/A=,tag:DEPcP1Et827UE7XsbAcnXg==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.9.1