diff --git a/flake.lock b/flake.lock
index 6ebf1916..e8782bb4 100644
--- a/flake.lock
+++ b/flake.lock
@@ -185,6 +185,22 @@
         "type": "github"
       }
     },
+    "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1625223284,
+        "narHash": "sha256-jjLcDSU1rRiJb+n3uez23XAa7kbnPcGZTa6jIKh1GMQ=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "357d2c8f6087685fe35cb1889a005a4dd4cce7b8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nur": {
       "locked": {
         "lastModified": 1635525735,
@@ -210,7 +226,27 @@
         "nixos-hardware": "nixos-hardware",
         "nixpkgs-nixos-unstable": "nixpkgs-nixos-unstable",
         "nixpkgs-stable": "nixpkgs-stable",
-        "nur": "nur"
+        "nur": "nur",
+        "sops": "sops"
+      }
+    },
+    "sops": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_3"
+      },
+      "locked": {
+        "lastModified": 1633273832,
+        "narHash": "sha256-oOjpMVYpkIUpiML61PeqTk+sg4juRvF7P6jroI/YvTw=",
+        "owner": "Mic92",
+        "repo": "sops-nix",
+        "rev": "2e86e1698d53e5bd71d9de5f8b7e8f2f5458633c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Mic92",
+        "ref": "master",
+        "repo": "sops-nix",
+        "type": "github"
       }
     }
   },
diff --git a/flake.nix b/flake.nix
index da9465bd..8e4f51be 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,6 @@
 {
   description = "NixOS configuration with flakes";
-  outputs = { self, flake-utils, home-manager, nixpkgs-nixos-unstable, nixpkgs-stable, nixos-hardware, nur, agenix, neuron } @ inputs:
+  outputs = { self, flake-utils, home-manager, nixpkgs-nixos-unstable, nixpkgs-stable, nixos-hardware, nur, agenix, neuron, sops } @ inputs:
 
   let
     mkServer = pkgs: system: hostname:
@@ -9,6 +9,7 @@
       modules = [
         (./. + "/nixos/boxes/${hostname}")
         agenix.nixosModules.age
+        sops.nixosModules.sops
       ];
       specialArgs = { inherit inputs; };
     };
@@ -18,6 +19,7 @@
       modules = [
         (./. + "/nixos/boxes/${hostname}")
         (import ./nixos/email-accounts.nix)
+        sops.nixosModules.sops
 
         home-manager.nixosModules.home-manager
         {
@@ -109,6 +111,13 @@
       repo = "neuron";
       ref = "master";
     };
+
+    sops = {
+      type = "github";
+      owner = "Mic92";
+      repo = "sops-nix";
+      ref = "master";
+    };
   };
 
 }
diff --git a/nixos/boxes/vultr1/default.nix b/nixos/boxes/vultr1/default.nix
index d292179c..b9a1292f 100644
--- a/nixos/boxes/vultr1/default.nix
+++ b/nixos/boxes/vultr1/default.nix
@@ -11,6 +11,7 @@
     ./nginx.nix
     ./folding.nix
     ./matrix-front.nix
+    ./search.nix
   ];
 
   systemd.extraConfig = ''
diff --git a/nixos/boxes/vultr1/search.nix b/nixos/boxes/vultr1/search.nix
new file mode 100644
index 00000000..598709a6
--- /dev/null
+++ b/nixos/boxes/vultr1/search.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+{
+
+  services.nginx = {
+    virtualHosts = {
+      "search.cyplo.dev" = {
+        forceSSL = true;
+        enableACME = true;
+        extraConfig = ''
+          access_log /dev/null;
+          error_log /dev/null;
+          proxy_connect_timeout 60s;
+          proxy_send_timeout 60s;
+          proxy_read_timeout 60s;
+        '';
+        locations."/" = {
+          proxyPass = "http://localhost:8888";
+        };
+      };
+    };
+  };
+
+  services.searx = {
+    enable = true;
+    settings = {
+      server.bind_address = "127.0.0.1";
+      server.secret_key = "notsosecrettbh";
+    };
+  };
+}
+