diff --git a/meeting-notes/2024-12-10-decision-making-meeting-dealing-with-secrets.md b/meeting-notes/2024-12-10-decision-making-meeting-dealing-with-secrets.md
new file mode 100644
index 0000000..ae409f5
--- /dev/null
+++ b/meeting-notes/2024-12-10-decision-making-meeting-dealing-with-secrets.md
@@ -0,0 +1,74 @@
+# 'Secret(s)' meeting 
+**Date:** 2024-12-10  
+**Present:** Ronny, Koen, Eric, Richard, Gheorghe, Kevin, Valentin, Robert, Bjorn, Nicolas   
+
+## Goal of this meeting
+Decide on how we want to deal with secrets, e.g. passwords for systems.
+
+## Expected end result
+At the end of this meeting we have a decision on how to continue with secrets
+
+## Preparations
+Please read this:    
+https://git.fediversity.eu/Fediversity/meta/src/branch/main/secrets-management.md
+
+## Decision made:  
+**For now we wil continue with Agenix & keep our options open. We will also ask the security professionals for a sanity check. NLNet offers support from Radically Open Security for this. Ask them for their input & look into the security options (MFA etc). Please include advice on this for NixOps as well.**
+
+## Actions   
+@ronny will contact Radically Open Security (part of the NLNet offerings). This might take a few weeks as Ronny knows that ROS has a bit of backlog.  
+
+
+### Team members perspectives, thoughts & observations     
+* Koen 
+	* Passbolt might be an option as well (https://www.passbolt.com). 
+	* Vaultwarden is an api compatible reimplementation of Bitwarden.   
+	* If fully automated: don't care, but if broken we need to be able to easily fix this
+	* Vaultwarden is now used at Procolix. Secrets are now handled manually.  
+	* Vaultwarden maintenance is a PITA. Without docker it failed, using it now using Docker. Vaultwarden in Nix works, but still a blackbox. Need to get more info on the internals in case something breaks. 
+	* Pref solution: doubting: upfront time investment is not a problem. Is API usage by the Nix developers an obstabcle? Barrier as low as possible.
+	* Choose something now, no multiple options.   
+* Nicolas
+	* agenix prefered when talking about Git type of solutions
+	* Big question: git vs application
+	* Pref solution: agenix one person setup, bootstrapping would be easier for me. Might need a bit more time to look into applications API's. 
+* Eric
+	* Secrets for systems & config have diff req vs those for users. One size fits all does not apply here. 
+	* Pref solution: the solution with less moving parts.
+	* Offers insights into experiences he has
+* Valentin
+	* Vaultwarden offers all the features we need. 
+	* Passbolt needs to be researched to check for feature parity. 
+	* Vaultwarden is already used by Procolix. 
+	* Secrets application connects to NixOps via a resource provider 
+	* Pref solution: application route. 
+	* Domain experts have already thought about this. 
+* Gheorghe:
+	* Backup & restore should be taken into consideration as well. Test restoring with the solution you choose. 
+	* Pref solution: keep eye on what to deliver. Nicholas has to deliver, so +1 with Nicolas. 
+	* Other solution features need to be taken into account: e.g. MFA etc. 
+* Bjorn
+	* Using an application has the added benefit: users may use this as part of the services offered by Fediversity.
+	* Pref solution: what's the exit plan? Do we have an exit plan? Should check the docs for import/export for both solutions. An application would be my preference. 
+* Ronny 
+	* Users usecase 
+	* Sysadmin usecase 
+	* Systems usecase 
+	* TIL Agenix,  interesting. 
+	* Diff between users facing & systems 
+	* Pref solution: for sysadmins/users: app like Vaultwarden & for inter systems git
+* Robert
+	* In NixOps there's state incl secrets 
+	* secrets could also be transferred to the secrets management tool
+	* NixOps can call an app to generate secrets. Resource providers can stored this.
+	* Pref solution: git based, because Robert is more adapted to git. 
+* Kevin
+	* Not so aquintainted with this topic
+	* If stuff fails it would be  worthwhile to be able to access it. 
+	* Pref solution: Vaultwarden. Api looks pretty good. 
+* Richard: 
+	* Worked with Vaultwarden & Bitwarden. Not nec pref. 
+	* Only experienced the UI side not the CLI side. 
+	* Pref solution: open to both solutions 
+
+