diff --git a/systems/x86_64-linux/sgx/default.nix b/systems/x86_64-linux/sgx/default.nix
index be8954b..f1b31f3 100644
--- a/systems/x86_64-linux/sgx/default.nix
+++ b/systems/x86_64-linux/sgx/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 {
   imports = [
     ./hardware-configuration.nix
@@ -16,6 +16,7 @@
 
   sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml;
   sops.secrets.backup-pw.sopsFile = ../../../.secrets/sgx/backup-s3.yaml;
+  sops.secrets."searx/secret_key".sopsFile = ../../../.secrets/sgx/searx.yaml;
 
   environment.systemPackages = with pkgs; [
     claude-code
@@ -30,6 +31,11 @@
     uwsgiConfig = {
       http = ":8081";
     };
+    settings = {
+      server = {
+        secret_key = config.sops.secrets."searx/secret_key".path;
+      };
+    };
   };
 
   metacfg = {