diff --git a/nix/modules/system/secrets.nix b/nix/modules/system/secrets.nix
index fa2913c..7b75ed1 100644
--- a/nix/modules/system/secrets.nix
+++ b/nix/modules/system/secrets.nix
@@ -30,6 +30,21 @@ in
           '';
       };
     };
+  flake.modules.darwin.default =
+    { config, ... }:
+    {
+      imports = [ inputs.sops-nix.darwinModules.sops ];
+      config = {
+        sops = {
+          age.sshKeyPaths = [ "${config.users.users.${username}.home}/.ssh/id_ed25519" ];
+          secrets."keys/gemini".sopsFile = secrets + "/keys.yaml";
+        };
+        environment.shellInit = # sh
+          ''
+            export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
+          '';
+      };
+    };
   flake.modules.homeManager.default.persistDirs = [ ".config/sops/age" ];
   perSystem =
     { pkgs, ... }: