diff --git a/secrets/.gitattributes b/secrets/.gitattributes index a741d4d..7ca9979 100644 --- a/secrets/.gitattributes +++ b/secrets/.gitattributes @@ -1,3 +1,5 @@ * filter=git-crypt diff=git-crypt .gitattributes !filter !diff /default.nix !filter !diff +/secrets.nix !filter !diff +*.age !filter !diff diff --git a/secrets/acme/dns-key.age b/secrets/acme/dns-key.age new file mode 100644 index 0000000..97d397c --- /dev/null +++ b/secrets/acme/dns-key.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg 0bz3W8QcGaulxy+kDmM717jTthQpFOCwV9HkenFJEyo +NKeh1/JkX4WAWbOjUeKLMbsyCevnDf3a70FfYUav26c +-> ssh-ed25519 jPowng Q59ybJMMteOSB6hZ5m6UPP0N2p8jrDSu5vBYwPgGcRw +j420on2jSsfMsv4MDtiOTMIFjaXV7sIsrS+g4iab+68 +-> z}.q-grease s2W ssh-ed25519 cKojmg YlDuj9wwBKSHHvQOhfti1ah95vxDV3bLE+GElBkyTB0 +KsMyd3L4GaQa0eDQps+bJXj+cpy0zUNvFXU8NAmtThI +-> ssh-ed25519 jPowng JB4UtNyZab4ab4Pep3acyMjwCbluuEPuI6YOQ/045Fo +P9qnrPDGpHJL1TyNqYdNfqkd21Yjn/5mlovorWy60j4 +-> _6l|s-grease M ]2qMsa'w P] j0EE +W3CToUTg +--- 8aWYUi33mEIKFcFbphlDZumnBu9Xbj+j18dQbElx1v8 +3$m(TKeAZ>dn:-킥h.(U!rx D3493~Ȼf{L ƣ>^vl-=䣐U'(,#;H@M%|ʦ \ No newline at end of file diff --git a/secrets/backup/password.age b/secrets/backup/password.age new file mode 100644 index 0000000..3af9fbe --- /dev/null +++ b/secrets/backup/password.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg dgS4bezgtDi44R1A8am+J6zh80kUVYTo1heaxJCtzX4 +F3w/62xwtqYa40NU7OvF9pnZzYz/5hACAGJfMA4e2zw +-> ssh-ed25519 jPowng lx81CK3yeNp9RjHCUFJeKYZlRzxBmXuADVBvRc13zCI +P7e75t8xU+ZkYmeQ8mmMfyZZsRdG1J8yrvSUkiWzkFQ +-> *z4/`-grease S/)a{e sFd";= +--- 15FVhqRTkoPFEeETRRyFQhsv4Fn19Ozlax0u8Zy9mNA +#+vS4}R%ίF4fnDJZA,_ \ No newline at end of file diff --git a/secrets/drone/gitea.age b/secrets/drone/gitea.age new file mode 100644 index 0000000..d1c14e7 --- /dev/null +++ b/secrets/drone/gitea.age 
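Review bot: The new `*.age !filter !diff` rule in secrets/.gitattributes exempts every file with that extension from git-crypt, so confidentiality now depends entirely on each such file really being age ciphertext. A plaintext file saved under a `.age` name would be committed in the clear with no warning. A pre-commit or CI check that every tracked `*.age` file starts with the `age-encryption.org/v1` header (or the armored `-----BEGIN AGE ENCRYPTED FILE-----` line) would catch that. A short comment above the rule, such as `# age files are already encrypted; do not double-encrypt with git-crypt`, would record the intent.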
@@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg vLLu1kbzyGxr5sU/Dl4xf0uGO+gVsvODiqEJU21lwyI +LbJO4Go+8G7/UtFWjv+x7Nqhn7n+kge/oHP8dGCBnM8 +-> ssh-ed25519 jPowng obxX4ojPwp/DaerFzVbK5hUnshebh/chriT3a7uqYEw +x9jpbBefJZHz8o1lEkr48XhT7sVAM5tq3tZ8M91CDDo +-> eZ.G`B3W-grease 6k|.\v +D0u3P4oCpPNnueqZAAYn71xEUGWlavwLTrEXJ+2tdYOX6BwwFReOlMZWIA+FikmZ +8Pg7dHnbYPWc33jMjv3UnNsxCGUsDw9C9NkI5vfZSLvUxQ +--- Cea09ivsGZeoWif7xbdrvfoGsoiD+tRh7HQsOL75cqE +tFa|G,o6$U"wi߹Swgh6^*=[g1%Vup-{`P(?&QV#KeX4dK:xt0LsbÆ6ޜ [ #E[>)|cwq+cw1$^I(wG9>jI(y!@OƉkEz]Pk \ No newline at end of file diff --git a/secrets/drone/secret.age b/secrets/drone/secret.age new file mode 100644 index 0000000..c529200 --- /dev/null +++ b/secrets/drone/secret.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg 1+cLlzctgcM0FnVDwMPOAqBkvMcDBRg8SvCw4djI93Y +oV2XI4f1AvM9P591kZZ6NgJXa+SDtqGzCSgc4psOmxM +-> ssh-ed25519 jPowng Ufjfh1p350XxRPg95+/DHdmnl4lC0bbzUUlaxd1Bmxc +/RHwFDSn2ov+60r1uHUigrsn99+GmmKmlk4h4T2gbA0 +-> *Lc$@-grease +pzVJAHy1qRq3jUrnFV0DDO7/hwV1US4Ogf0RsrVfX0xzbr73uJ003YjieVB25LqN +--- ME7/iVevyiguyhXugbkVFGzJV0yDccyKNlWbEZa/FmY +YXjb2und;i0X]0jLPT~^kc$DrufreOո+p&wϨ \ No newline at end of file diff --git a/secrets/drone/ssh/key.pub b/secrets/drone/ssh/key.pub deleted file mode 100644 index ca1b5e8..0000000 Binary files a/secrets/drone/ssh/key.pub and /dev/null differ diff --git a/secrets/drone/ssh/private-key.age b/secrets/drone/ssh/private-key.age new file mode 100644 index 0000000..0211701 Binary files /dev/null and b/secrets/drone/ssh/private-key.age differ diff --git a/secrets/lohr/secret.age b/secrets/lohr/secret.age new file mode 100644 index 0000000..fa310b4 --- /dev/null +++ b/secrets/lohr/secret.age 
@@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg HCVbkI26JjkBgm1L2cpunVui0PfHLNfnx6VczErF3A4 +3jEHfT6wUqNNFZFaVeiNBUhSKZmuKclPmubDMsda5O8 +-> ssh-ed25519 jPowng SyClv9kGtjRKSXdig27tiqp66wD1T8QsHeOD2JQl4QA +8zdtfSJEh5/bfu5tb6M8Jgy5CZPiWD8TLQDpzp6cTr0 +-> 3r2-grease +Lg/G911eZjeZTw5xhqje26vDfJkcSro+gKQ5SUboxLMnaibNi1qTeRLR +--- Q5/fikhVPoK+NFujTso5V7cty4k/dQlzFlz5z9DkzYk + t/WAMu"-!@ E1 R[eh3 ScoBt1Tb3mPTcfeP \ No newline at end of file diff --git a/secrets/matrix/mail.age b/secrets/matrix/mail.age new file mode 100644 index 0000000..1fe3a71 --- /dev/null +++ b/secrets/matrix/mail.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg lmu3MinmydRHD0A/YVRRtopermfoBC8M8cTHfVanY1s +ygrtpZZJ7aeQTblNazpoP7DdifmDxHsE3DFJsIrWX5M +-> ssh-ed25519 jPowng X0cihOc+fBtmtrkEivIHQngdYIobezXEF1x+pHqNzAw +/+sw9x1NWY0anZhDMpAywBPrR0F4XCHaF9e8j/Yo/kI +-> 32;%1s-grease +JafjuSZty6a4NSO/y4y5wHWL8Mw +--- dwCl66vdpsL0MR5NWWvg3JUnQ2QZQBeW0Dj0l5tvOKY +oi,`#uwW%Poubڭcy8 ><FqKÂk0k/h5势F+u eb>1Q2wnWb֖Bi^xur- /ll-=7;j0I%FiA;YUd]KI0( Ag^uG:pkJ:qWSaLw!M4L/ZD-XUbvbP0f9 J`XO!s{QAcc;4Mچݹ lxH&{}zZ9ûXܓg]V0gtw \ No newline at end of file diff --git a/secrets/matrix/secret.age b/secrets/matrix/secret.age new file mode 100644 index 0000000..a287435 --- /dev/null +++ b/secrets/matrix/secret.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg ociW6AZww4nfW0Dw0DB0WNgQbJ3MNkHPPZlA0z+o/mI +THAz89pjyrkxJB9tPQGgEwZrZX9OudWMnyzr0JiwzTA +-> ssh-ed25519 jPowng 1werbtuWK0DUFxq9mAWp/QzMHC1B8UfadutvK6+j9XE +YmAwYo3X00gMB9AyQfOsR82CUPAtxfuzCzP4OyYFxjc +-> 8g-grease N9DR4 .U< +--- Cwh2hPrM2RzRroJRw3XrP1khcpL0leTXfJ+T7WG57To +±jϰLDF xux1 +U/oGgo)*/d"L#RhWP \ No newline at end of file diff --git a/secrets/miniflux/credentials.age b/secrets/miniflux/credentials.age new file mode 100644 index 0000000..9790159 Binary files /dev/null and b/secrets/miniflux/credentials.age differ 
diff --git a/secrets/monitoring/password.age b/secrets/monitoring/password.age new file mode 100644 index 0000000..410536f --- /dev/null +++ b/secrets/monitoring/password.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg OdLtFHbHbc28rUn47vgsVvXxFNg9nF+9y9R6XOK390Y +yQQYUPQGjN2+xrSqqBYa7/zS618KrVjX5Amw2MFuSLg +-> ssh-ed25519 jPowng NwUjiLtiXVi6XFmht5l1CxEs3gm0oN4vHYwDZyda7Q4 +di6znVjNRO6QdqteVNkeot5Ko2NwWLe6v+zVR3f+o10 +-> 4Vx%\(-grease ^^Z>EC91 R 2BJ d48Wip*s +yPiBgChRF31XgxccQFLO3MzRL7+5s29sfRoF3W1yUX6Bu59MpxD4D+n/jhLcxSH/ +CxW7KaiOctNmPm5tWh6qjmgQ+V4bcAji5vo4FKs40l56cfyueEJj+Q +--- WUGF28zqK9E1AlOeeCtSHxFg6ikRy85gOoLtBd4m0y0 +.|rr>12Sɞ.hww q%i *U^)'qO2ӜmQ7m` \ No newline at end of file diff --git a/secrets/nextcloud/password.age b/secrets/nextcloud/password.age new file mode 100644 index 0000000..9fd3c53 Binary files /dev/null and b/secrets/nextcloud/password.age differ diff --git a/secrets/paperless/password.age b/secrets/paperless/password.age new file mode 100644 index 0000000..3fe76cb --- /dev/null +++ b/secrets/paperless/password.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg zhpo89xef68JoeOFWzhdFshrj2BXXUCFPMLVJzv6EyE +fmJxJi5rmyai9qGwDo7iHg4BrObGre96KCpl+g91O6I +-> ssh-ed25519 jPowng INA6EZdy4J1p3QY5mfVOQXiLdOjIDaZR+CZMP+GfkXM +8Nf5soaxY5SEzeJca5kaJkx7ByOvc4NkJVetB7wpEmo +-> xjK'w-grease +f5v0cvlt4JbHlAwDOob86qOInWdlN/oohTg +--- NTGv4rr+MhJ/YeZhVHOjoS1V+zCHFf2itJYfK36R+wE +חJ d o'YFU@ +r7_N$>]hq-F۰qX?| ? \ No newline at end of file diff --git a/secrets/paperless/secret-key.age b/secrets/paperless/secret-key.age new file mode 100644 index 0000000..eae5c56 --- /dev/null +++ b/secrets/paperless/secret-key.age 
@@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg tZwn2usN6K62oS4vBa6boh9zEp/+cS4chP8boXG6SH4 +Fr3kV8gUDoiDqMxPYWsHyww8umYhQEKhqbVBiVw5NeI +-> ssh-ed25519 jPowng wRbJl4G85obH/GluQBBsXE7MOvooEui65eqHfurvuQs +KqVZMBSyHhkayEdwI6ocmA4qhHY9zYJvg1CEKM1SOa0 +-> 2E"/OFW-grease o Qp3HFe^ +bGhCNicPqt7txqxUiEWXCFs1OuQLqOqHmjHSqYQv919dqYep/xBXzi/aRf3dsdvh +TCJCTvZG31Qxvikp +--- xKJGbdVp+Z5h0vCBleSF2zYYYd2S5i0y4szNqjRwrDY +T /Ni7m4#MhiPޛ-gI%@E(i7Ygk"+㸠(]o@bާ+[Y"BCR[ >-.4db9v \ No newline at end of file diff --git a/secrets/podgrab/password.age b/secrets/podgrab/password.age new file mode 100644 index 0000000..90e2501 --- /dev/null +++ b/secrets/podgrab/password.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg 8rcBI7fYHuA3jO6EzJNFaAj2niIApKDt1HQEv61AKTs +ANxkIX/CeI7t7Zqp6wmjt/D194Z+xpeiidb+qvYzoQU +-> ssh-ed25519 jPowng oruewwTM9X/HjjcmOPcQVdp02rQBlgJPdzvlAffs3T0 +MrO0kaNhjgOkNHuz3NrIMWXNrXOHH9dT/Fk6hoQNKyY +-> COK%H7-grease +6yfI90QurOKlM+kgpW8KZ/iBzDYD9yhNmjG1LQ +--- uArz8eHg8sLO0sdlkM6cELFh+FHiI5BrM0+iXJxxiDo +vvNb@FMMY&/%mt֓dh|ߩ8 ڽ9C/ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..dcaa6d6 --- /dev/null +++ b/secrets/secrets.nix 
@@ -0,0 +1,49 @@
+let
+ # FIXME: read them from directories
+ ambroisie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIVd6Oh08iUNb1vTULbxGpevnh++wxsWW9wqhaDryIq ambroisie@agenix";
+ users = [ ambroisie ];
+
+ porthos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGzznQ3LSmBYHx6fXthgMDiTcU5i/Nvj020SbmhzAFb root@porthos";
+ machines = [ porthos ];
+
+ all = users ++ machines;
+in
+{
+ "acme/dns-key.age".publicKeys = all;
+
+ "backup/password.age".publicKeys = all;
+ "backup/credentials.age".publicKeys = all;
+
+ "drone/gitea.age".publicKeys = all;
+ "drone/secret.age".publicKeys = all;
+ "drone/ssh/private-key.age".publicKeys = all;
+
+ "lohr/secret.age".publicKeys = all;
+
+ "matrix/mail.age".publicKeys = all;
+ "matrix/secret.age".publicKeys = all;
+
+ "miniflux/credentials.age".publicKeys = all;
+
+ "monitoring/password.age".publicKeys = all;
+
+ "nextcloud/password.age".publicKeys = all;
+
+ "paperless/password.age".publicKeys = all;
+ "paperless/secret-key.age".publicKeys = all;
+
+ "podgrab/password.age".publicKeys = all;
+
+ "sso/auth-key.age".publicKeys = all;
+ "sso/ambroisie/password-hash.age".publicKeys = all;
+ "sso/ambroisie/totp-secret.age".publicKeys = all;
+
+ "transmission/credentials.age".publicKeys = all;
+
+ "users/ambroisie/hashed-password.age".publicKeys = all;
+ "users/root/hashed-password.age".publicKeys = all;
+
+ "wireguard/aramis/private-key.age".publicKeys = all;
+ "wireguard/porthos/private-key.age".publicKeys = all;
+ "wireguard/richelieu/private-key.age".publicKeys = all;
+}
diff --git a/secrets/sso/ambroisie/password-hash.age b/secrets/sso/ambroisie/password-hash.age
new file mode 100644
index 0000000..10d9eaa
Binary files /dev/null and b/secrets/sso/ambroisie/password-hash.age differ
diff --git a/secrets/sso/ambroisie/totp-secret.age b/secrets/sso/ambroisie/totp-secret.age
new file mode 100644
index 0000000..c5ce19b
Binary files /dev/null and b/secrets/sso/ambroisie/totp-secret.age differ
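Review bot: Every entry in secrets/secrets.nix uses `publicKeys = all`, so the porthos host key can decrypt the WireGuard private keys of aramis and richelieu along with every service secret. Scoping recipients per secret limits what a compromise of one host exposes, for example `"wireguard/porthos/private-key.age".publicKeys = users ++ [ porthos ];` and `"wireguard/aramis/private-key.age".publicKeys = users;` unless porthos really has to deploy the other peers' keys. A comment on `all` stating which hosts are expected to read which groups of secrets would make later additions to `machines` easier to review. Separately, `backup/credentials.age` is declared here but no matching file shows up in the visible part of this diff, so it is worth confirming it was committed.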
diff --git a/secrets/sso/auth-key.age b/secrets/sso/auth-key.age new file mode 100644 index 0000000..4e05b15 Binary files /dev/null and b/secrets/sso/auth-key.age differ diff --git a/secrets/transmission/credentials.age b/secrets/transmission/credentials.age new file mode 100644 index 0000000..4f407fa --- /dev/null +++ b/secrets/transmission/credentials.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg mP2H3PWJN6Pv3q6C2wci3KnXjtFAIiuGy0YH0sGIy2g +f43QqyUQfTYznszub47kgc2Mz95zVScTDkwnG3INi9U +-> ssh-ed25519 jPowng fENbu7+FZ1mnQQHQCLm1spLHmsQGlRoJResUJtGzYkY +hX+AqCkLCca6m/aKtGCThi7/mCCz/TZQNJNOlOmlqyA +-> J<-grease +n7+CPRr4oazWnE7yzpJN2ZAI4QrGsAerloP4wNeebjQDx8+IxJq1JE0g3Yi0RxzN +chDccuSPLYk45Ov+SD/qqqFZlQ +--- p81HYw3LFj+qz2kiZsDcevM4ZBfvN743P9Jdi7J9XkM +۱S7VBOlEtq_D,PVFp\"AM}g?/\;y Ӛ(SK \ No newline at end of file diff --git a/secrets/users/ambroisie/hashed-password.age b/secrets/users/ambroisie/hashed-password.age new file mode 100644 index 0000000..09a80f4 --- /dev/null +++ b/secrets/users/ambroisie/hashed-password.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg vOaL2ZKsFEjX9mzQvw8Je7x2Dq8cMhrZEyBTXpH4QnE +HXO4fbWdJsbsRmGq0IYzq8/szObxzpsGfQNNTJ4vNzg +-> ssh-ed25519 jPowng WPxg0pP6O3ZS4dPc1WcDvzig22Fylk3mR/W9STaWbW4 +GuhFwt7M5Lc38q2LC/0eul0yP60UxmWwi9I8ToHv7bE +-> :;V8\-grease ZC#7~eR# P<'e?vI3 9R +lZlb44QiAaIxd0SYiRNT/QRnxxUt7npbksg +--- 9xv4lt8IcGR8jP0UcKYYnTuh1Ix/pqXgDmevkTH9j1A +]c3x w' ` h=XǑg3]~q.Xna*W:,zvyzI }DO=`w7:Rx5$6:",HM"_MMBJeF \ No newline at end of file diff --git a/secrets/users/root/hashed-password.age b/secrets/users/root/hashed-password.age new file mode 100644 index 0000000..14986f1 Binary files /dev/null and b/secrets/users/root/hashed-password.age differ diff --git a/secrets/wireguard/.gitattributes b/secrets/wireguard/.gitattributes index d4bba55..714f3f9 100644 --- a/secrets/wireguard/.gitattributes +++ b/secrets/wireguard/.gitattributes @@ -1 +1,2 @@ /default.nix filter diff +public-key.txt filter diff 
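Review bot: The added `public-key.txt filter diff` in secrets/wireguard/.gitattributes, like the existing `/default.nix filter diff` above it, sets both attributes to a bare "set" value, whereas secrets/.gitattributes exempts files from git-crypt with `!filter !diff`. The two forms are not equivalent, and the file does not say which result is intended. If the goal is to keep WireGuard public keys in plaintext, `public-key.txt !filter !diff` says so directly and matches the parent file, and a comment such as `# public material, intentionally not encrypted` would document it. Running `git check-attr filter diff -- <path>` and `git-crypt status` before merging shows which attributes actually apply to these paths.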
diff --git a/secrets/wireguard/aramis/private-key.age b/secrets/wireguard/aramis/private-key.age new file mode 100644 index 0000000..d790b64 Binary files /dev/null and b/secrets/wireguard/aramis/private-key.age differ diff --git a/secrets/wireguard/porthos/private-key.age b/secrets/wireguard/porthos/private-key.age new file mode 100644 index 0000000..4abe1e5 --- /dev/null +++ b/secrets/wireguard/porthos/private-key.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg +WwRpd2MzycutQFXyLsr2+GzSgF67Z6UuvyqYZaLd3w +sppt8HzaZP3yxnvnhzjl18Trnz8g3VyXJ6CaVBWd7jA +-> ssh-ed25519 jPowng wanoqGB7T8bim/WZ4IAYViFQoGzaIZSgeoTr3YKpeTY +ihDAdGa1XVW/qQz40V1v7a7iK7tu0EHMa7ayIogpcRw +-> l-grease |PIcZ NIr >0;* +4o8o0bevQZ6uDSx1WxxlDCURbFCM+yK1XPdrb9aztCSvG2a+ne78E42l5rBcoH7I +m51A8uWS4nSj36N/76v6K4kelxKzWUg +--- O6cGbTAVbDcdmPHf7UzfZiyiRtu1yfL4sBI+CkJA1qw +q$`w'SX]?6/N(BNa.H7Ioz/4:sK",7J \ No newline at end of file diff --git a/secrets/wireguard/richelieu/private-key.age b/secrets/wireguard/richelieu/private-key.age new file mode 100644 index 0000000..e796688 --- /dev/null +++ b/secrets/wireguard/richelieu/private-key.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg rYhrpoTaFjLBGtbCXxEK7jZa+KnriEV/kWViIEjmuQs +jHMSjxKIIqjUnpAcEo3JgsieI1iiA5/gKEx8+QFhDgY +-> ssh-ed25519 jPowng 6sQQFvSbWdjgDYSKmJ/CBG+BTzxFghX4SaJ4GyACKWc +OABJuh+Ta8q+G0onF/9bz3xxv4zTlHYlF4AjC5P6Y6I +-> xwW|#D`-grease $xYH C m8lBk9 +OBqgvLNIurE0qNaSB7dO2/6dQkVXeLgf/3l9gGlRJ6ynhqwmbXOUa0vyj+OBz27O +uI97+0y1TFAs3HN0Y8nj8LrwsafbDENu99JuVow2OuLKeSqc7sxOQQ +--- 9filSHStPTJJGDLY7AWzIXu/6tK4X0okT522sc4OJTc +M{$:N[ݶ2xy8&J_{RLX`Wͻx*Pr`UpJɔF#YXPS s \ No newline at end of file