diff --git a/.gitignore b/.gitignore
index 03f0937..8a451b7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,6 @@ README.md~
 .DS_Store
 result
 dump.txt
-*~
\ No newline at end of file
+flake.lock
+*~
+
diff --git a/README.md b/README.md
index b32ffb8..8fcdf4f 100644
--- a/README.md
+++ b/README.md
@@ -5,9 +5,8 @@ Started with a configuration generated from [this nixos config template](https:/ Installed nix with `--nix-build-group-id 30000` -Created the full verion with secret-management: +Initialy created 'with secrets' but stripped out the git/agenix in favor of sops ``` mkdir -p nixos-config && cd nixos-config && nix flake --extra-experimental-features 'nix-command flakes' init -t github:dustinlyons/nixos-config#starter-with-secrets - -``` \ No newline at end of file +```
diff --git a/apps/aarch64-darwin/apply b/apps/aarch64-darwin/apply
index 38325f9..b6c5dfe 100755
--- a/apps/aarch64-darwin/apply
+++ b/apps/aarch64-darwin/apply
@@ -1,5 +1,8 @@ #!/usr/bin/env bash +VERSION=1.0 + +# Color codes RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m'
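Review bot: Adding `flake.lock` to .gitignore means the repository no longer pins the exact revisions of nixpkgs, sops-nix, disko and the other inputs, so two machines applying the same configuration can resolve different input commits and the result is neither reproducible nor auditable after the fact. For a flake that pulls in a secrets-management module, that lock is the main supply-chain control, and the usual practice is to commit flake.lock and refresh it deliberately with `nix flake update`. If the goal is only to avoid lock churn while the template is being set up, dropping the `+flake.lock` line and committing the lock once it settles keeps that control. The extra added blank line at the end of the hunk is harmless but unnecessary.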
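Review bot: `VERSION=1.0` is added at the top of apps/aarch64-darwin/apply, but nothing in the hunks of this diff reads it, so it is dead until a `--version` path or banner uses it; if it is meant to stay, `readonly VERSION=1.0` plus a comment such as `# Script version; bump when prompts or token names change` would make its role explicit. The identical hunk lands in apps/x86_64-darwin/apply and apps/x86_64-linux/apply (the two darwin copies even share blob ids 38325f9..b6c5dfe), so any follow-up has to be mirrored three times. The later hunks drop the `%GITHUB_USER%` and `%GITHUB_SECRETS_REPO%` substitutions from replace_tokens without adding a check that no template still carries those tokens; a final `grep -rqE '%[A-Z_]+%' --include='*.nix' . && { _print "${RED}Unreplaced tokens remain${NC}"; exit 1; }` after the `find … replace_tokens` pass would fail loudly instead of writing placeholders into the generated configuration. Whether any template still uses those tokens is not visible in this diff.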
@@ -32,69 +35,6 @@ _prompt() { read -r $variable } -insert_secrets_output() { - local pattern="outputs = { self, darwin, nix-homebrew, homebrew-bundle, homebrew-core, homebrew-cask, home-manager, nixpkgs, disko, agenix } @inputs:" - local insert_text="secrets " - - awk -v pat="$pattern" -v insert="$insert_text" ' - $0 ~ pat { - sub(/} @inputs:/, ", " insert "} @inputs:"); # Replace the closing brace with the insert text followed by the brace - gsub(/ ,/, ","); # Correct any spaces before commas - print - next - } - { print } - ' flake.nix > flake.nix.tmp - - mv flake.nix.tmp flake.nix -} - -insert_secrets_input() { - # Define file path - FILE_PATH="flake.nix" - - # Backup the original file - cp "$FILE_PATH" "${FILE_PATH}.bak" - - # Temporary file for the text to insert - TEMP_FILE="temp_insert.txt" - - # Write the formatted text to the temporary file -cat > "$TEMP_FILE" << 'EOF' - secrets = { - url = "git+ssh://git@github.com/%GITHUB_USER%/%GITHUB_SECRETS_REPO%.git"; - flake = false; - }; -EOF - - # Check if the 'secrets' block already exists - if grep -q 'url = "git+ssh://git@github.com/%GITHUB_USER%/%GITHUB_SECRETS_REPO%.git"' "$FILE_PATH"; then - echo "The 'secrets' block already exists in the file." - rm "$TEMP_FILE" - rm "${FILE_PATH}.bak" - exit 0 - fi - - # Find the start and end line numbers of the 'disko' block - START_LINE=$(grep -n 'disko = {' "$FILE_PATH" | head -n 1 | cut -d: -f1) - END_LINE=$(tail -n +$START_LINE "$FILE_PATH" | grep -n '};' | head -n 1 | cut -d: -f1) - END_LINE=$((START_LINE + END_LINE - 1)) - - # Create a new file with the insertion - { - sed -n "1,${END_LINE}p" "$FILE_PATH" - cat "$TEMP_FILE" - sed -n "$((END_LINE + 1)),\$p" "$FILE_PATH" - } > "${FILE_PATH}.new" - - # Replace the original file with the new file - mv "${FILE_PATH}.new" "$FILE_PATH" - - # Clean up the temporary files - rm "$TEMP_FILE" - rm "${FILE_PATH}.bak" -} - ask_for_star() { _print "${YELLOW}Would you like to support my work by starring my GitHub repo? 
yes/no [yes]: ${NC}" local response @@ -138,12 +78,6 @@ if [[ -z "$GIT_NAME" ]]; then _prompt "${YELLOW}Please enter your name: ${NC}" GIT_NAME fi -_prompt "${YELLOW}Please enter your Github username: ${NC}" GITHUB_USER -_prompt "${YELLOW}Please enter your Github secrets repository name: ${NC}" GITHUB_SECRETS_REPO - -export GITHUB_USER -export GITHUB_SECRETS_REPO - select_boot_disk() { local disks local _boot_disk @@ -174,7 +108,6 @@ if [[ "$OS" != "Darwin" ]]; then select_boot_disk fi -# Confirmation step confirm_details() { _print "${GREEN}Username: $USERNAME" _print "Email: $GIT_EMAIL" @@ -186,8 +119,6 @@ confirm_details() { _print "Hostname: $HOST_NAME${NC}" fi - _print "${GREEN}Secrets repository: $GITHUB_USER/$GITHUB_SECRETS_REPO${NC}" - _prompt "${YELLOW}Is this correct? yes/no: ${NC}" choice case "$choice" in @@ -205,7 +136,6 @@ confirm_details() { esac } -# Call the confirmation function confirm_details # Function to replace tokens in each file @@ -217,8 +147,6 @@ replace_tokens() { LC_ALL=C LANG=C sed -i '' -e "s/%USER%/$USERNAME/g" "$file" LC_ALL=C LANG=C sed -i '' -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" LC_ALL=C LANG=C sed -i '' -e "s/%NAME%/$GIT_NAME/g" "$file" - LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" - LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" else # Linux or other sed -i -e "s/%USER%/$USERNAME/g" "$file" @@ -227,16 +155,10 @@ replace_tokens() { sed -i -e "s/%INTERFACE%/$PRIMARY_IFACE/g" "$file" sed -i -e "s/%DISK%/$BOOT_DISK/g" "$file" sed -i -e "s/%HOST%/$HOST_NAME/g" "$file" - sed -i -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" - sed -i -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" fi fi } -# Insert secrets repo into flake -insert_secrets_input -insert_secrets_output - # Traverse directories and call replace_tokens on each Nix file export -f replace_tokens find . -type f -exec bash -c 'replace_tokens "$0"' {} \; 
diff --git a/apps/x86_64-darwin/apply b/apps/x86_64-darwin/apply
index 38325f9..b6c5dfe 100644
--- a/apps/x86_64-darwin/apply
+++ b/apps/x86_64-darwin/apply
@@ -1,5 +1,8 @@ #!/usr/bin/env bash +VERSION=1.0 + +# Color codes RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m'
@@ -32,69 +35,6 @@ _prompt() { read -r $variable } -insert_secrets_output() { - local pattern="outputs = { self, darwin, nix-homebrew, homebrew-bundle, homebrew-core, homebrew-cask, home-manager, nixpkgs, disko, agenix } @inputs:" - local insert_text="secrets " - - awk -v pat="$pattern" -v insert="$insert_text" ' - $0 ~ pat { - sub(/} @inputs:/, ", " insert "} @inputs:"); # Replace the closing brace with the insert text followed by the brace - gsub(/ ,/, ","); # Correct any spaces before commas - print - next - } - { print } - ' flake.nix > flake.nix.tmp - - mv flake.nix.tmp flake.nix -} - -insert_secrets_input() { - # Define file path - FILE_PATH="flake.nix" - - # Backup the original file - cp "$FILE_PATH" "${FILE_PATH}.bak" - - # Temporary file for the text to insert - TEMP_FILE="temp_insert.txt" - - # Write the formatted text to the temporary file -cat > "$TEMP_FILE" << 'EOF' - secrets = { - url = "git+ssh://git@github.com/%GITHUB_USER%/%GITHUB_SECRETS_REPO%.git"; - flake = false; - }; -EOF - - # Check if the 'secrets' block already exists - if grep -q 'url = "git+ssh://git@github.com/%GITHUB_USER%/%GITHUB_SECRETS_REPO%.git"' "$FILE_PATH"; then - echo "The 'secrets' block already exists in the file." - rm "$TEMP_FILE" - rm "${FILE_PATH}.bak" - exit 0 - fi - - # Find the start and end line numbers of the 'disko' block - START_LINE=$(grep -n 'disko = {' "$FILE_PATH" | head -n 1 | cut -d: -f1) - END_LINE=$(tail -n +$START_LINE "$FILE_PATH" | grep -n '};' | head -n 1 | cut -d: -f1) - END_LINE=$((START_LINE + END_LINE - 1)) - - # Create a new file with the insertion - { - sed -n "1,${END_LINE}p" "$FILE_PATH" - cat "$TEMP_FILE" - sed -n "$((END_LINE + 1)),\$p" "$FILE_PATH" - } > "${FILE_PATH}.new" - - # Replace the original file with the new file - mv "${FILE_PATH}.new" "$FILE_PATH" - - # Clean up the temporary files - rm "$TEMP_FILE" - rm "${FILE_PATH}.bak" -} - ask_for_star() { _print "${YELLOW}Would you like to support my work by starring my GitHub repo? 
yes/no [yes]: ${NC}" local response @@ -138,12 +78,6 @@ if [[ -z "$GIT_NAME" ]]; then _prompt "${YELLOW}Please enter your name: ${NC}" GIT_NAME fi -_prompt "${YELLOW}Please enter your Github username: ${NC}" GITHUB_USER -_prompt "${YELLOW}Please enter your Github secrets repository name: ${NC}" GITHUB_SECRETS_REPO - -export GITHUB_USER -export GITHUB_SECRETS_REPO - select_boot_disk() { local disks local _boot_disk @@ -174,7 +108,6 @@ if [[ "$OS" != "Darwin" ]]; then select_boot_disk fi -# Confirmation step confirm_details() { _print "${GREEN}Username: $USERNAME" _print "Email: $GIT_EMAIL" @@ -186,8 +119,6 @@ confirm_details() { _print "Hostname: $HOST_NAME${NC}" fi - _print "${GREEN}Secrets repository: $GITHUB_USER/$GITHUB_SECRETS_REPO${NC}" - _prompt "${YELLOW}Is this correct? yes/no: ${NC}" choice case "$choice" in @@ -205,7 +136,6 @@ confirm_details() { esac } -# Call the confirmation function confirm_details # Function to replace tokens in each file @@ -217,8 +147,6 @@ replace_tokens() { LC_ALL=C LANG=C sed -i '' -e "s/%USER%/$USERNAME/g" "$file" LC_ALL=C LANG=C sed -i '' -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" LC_ALL=C LANG=C sed -i '' -e "s/%NAME%/$GIT_NAME/g" "$file" - LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" - LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" else # Linux or other sed -i -e "s/%USER%/$USERNAME/g" "$file" @@ -227,16 +155,10 @@ replace_tokens() { sed -i -e "s/%INTERFACE%/$PRIMARY_IFACE/g" "$file" sed -i -e "s/%DISK%/$BOOT_DISK/g" "$file" sed -i -e "s/%HOST%/$HOST_NAME/g" "$file" - sed -i -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" - sed -i -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" fi fi } -# Insert secrets repo into flake -insert_secrets_input -insert_secrets_output - # Traverse directories and call replace_tokens on each Nix file export -f replace_tokens find . -type f -exec bash -c 'replace_tokens "$0"' {} \; 
diff --git a/apps/x86_64-linux/apply b/apps/x86_64-linux/apply
index 41f7b1c..250c34a 100644
--- a/apps/x86_64-linux/apply
+++ b/apps/x86_64-linux/apply
@@ -1,5 +1,8 @@ #!/usr/bin/env bash +VERSION=1.0 + +# Color codes RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m'
@@ -75,17 +78,6 @@ if [[ -z "$GIT_NAME" ]]; then _prompt "${YELLOW}Please enter your name: ${NC}" GIT_NAME fi -if [[ -z "$GITHUB_USER" ]]; then - _prompt "${YELLOW}Please enter your Github username: ${NC}" GITHUB_USER -fi - -if [[ -z "$GITHUB_SECRETS_REPO" ]]; then - _prompt "${YELLOW}Please enter your Github secrets repository name: ${NC}" GITHUB_SECRETS_REPO -fi - -export GITHUB_USER -export GITHUB_SECRETS_REPO - select_boot_disk() { local disks local _boot_disk
@@ -128,8 +120,6 @@ confirm_details() { _print "Hostname: $HOST_NAME${NC}" fi - _print "${GREEN}Secrets repository: $GITHUB_USER/$GITHUB_SECRETS_REPO${NC}" - _prompt "${YELLOW}Is this correct? yes/no: ${NC}" choice case "$choice" in
@@ -159,8 +149,6 @@ replace_tokens() { LC_ALL=C LANG=C sed -i '' -e "s/%USER%/$USERNAME/g" "$file" LC_ALL=C LANG=C sed -i '' -e "s/%EMAIL%/$GIT_EMAIL/g" "$file" LC_ALL=C LANG=C sed -i '' -e "s/%NAME%/$GIT_NAME/g" "$file" - LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" - LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" else # Linux or other sed -i -e "s/%USER%/$USERNAME/g" "$file"
@@ -169,8 +157,6 @@ replace_tokens() { sed -i -e "s/%INTERFACE%/$PRIMARY_IFACE/g" "$file" sed -i -e "s/%DISK%/$BOOT_DISK/g" "$file" sed -i -e "s/%HOST%/$HOST_NAME/g" "$file" - sed -i -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file" - sed -i -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file" fi fi }
diff --git a/flake.nix b/flake.nix
index 3bcf1dd..c4df563 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,5 +1,5 @@
 {
- description = "Starter Configuration with secrets for MacOS and NixOS";
+ description = "Starter Configuration with secrets (removed) for MacOS and NixOS";
 inputs = {
 nixpkgs = {
 url = "github:nixos/nixpkgs/nixos-unstable";
@@ -33,10 +33,6 @@
 url = "github:nix-community/disko";
 inputs.nixpkgs.follows = "nixpkgs";
 };
- secrets = {
- url = "git@git.kolkman.org:olaf/nix-config-secrets.git";
- flake = false;
- };
 sops-nix = {
 url = "github:Mic92/sops-nix";
 inputs.nixpkgs.follows = "nixpkgs";
@@ -53,7 +49,6 @@
 home-manager,
 nixpkgs,
 disko,
- secrets,
 nixd,
 sops-nix,
 }@inputs:
@@ -108,7 +103,6 @@
 "create-keys" = mkApp "create-keys" system;
 "check-keys" = mkApp "check-keys" system;
 "install" = mkApp "install" system;
- "install-with-secrets" = mkApp "install-with-secrets" system;
 };
 mkDarwinApps = system: {
 "apply" = mkApp "apply" system;
diff --git a/modules/nixos/secrets.nix b/modules/nixos/secrets.nix
deleted file mode 100644
index dfd3628..0000000
--- a/modules/nixos/secrets.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, pkgs, agenix, secrets, ... }:
-
-let user = "olaf"; in
-{
- age.identityPaths = [
- "/home/${user}/.ssh/id_ed25519"
- ];
-
- # Your secrets go here
- #
- # Note: the installWithSecrets command you ran to boostrap the machine actually copies over
- # a Github key pair. However, if you want to store the keypair in your nix-secrets repo
- # instead, you can reference the age files and specify the symlink path here. Then add your
- # public key in shared/files.nix.
- #
- # If you change the key name, you'll need to update the SSH configuration in shared/home-manager.nix
- # so Github reads it correctly.
-
- #
- # age.secrets."github-ssh-key" = {
- # symlink = false;
- # path = "/home/${user}/.ssh/id_github";
- # file = "${secrets}/github-ssh-key.age";
- # mode = "600";
- # owner = "${user}";
- # group = "wheel";
- # };
-
-}
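Review bot: The new description string `"Starter Configuration with secrets (removed) for MacOS and NixOS"` reads as a changelog entry rather than a description of what the flake is; since sops-nix stays in `inputs`, `description = "Starter Configuration for MacOS and NixOS (secrets via sops-nix)";` states the current design. The later hunks drop the `secrets` input, its `secrets,` output argument and the `install-with-secrets` app; if any remaining module or apps/ script still refers to `secrets` or `install-with-secrets`, evaluation or `nix run` will fail, which is worth confirming with `nix flake check` before merging. The deleted modules/nixos/secrets.nix also took `agenix` as an argument; whether agenix is still an input is not visible in this diff, and if nothing else uses it, it can be dropped too.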