diff --git a/fn.nix b/fn.nix
index fb3c65c..19a962e 100644
--- a/fn.nix
+++ b/fn.nix
@@ -151,6 +151,50 @@ rec {
 # But at least it now (hopefully) checks ONLY dependencies (and all of them at that).
 depsBrokenRec = p: (meetsConDo (p: ifelse (depsBroken p) true (depsBrokenRec (deps p))) (p: true) (deps p));
+
+ /**
+ Helper function to generate secret definitions for sops-nix.
+
+ # Type
+ ```
+ sopsHelper :: ()
+ ```
+ # Arguments
+ # Examples
+ ```nix
+ sopsHelper (name: "services/nextcloud/${name}")
+ [ "adminPass" "dbPass" ]
+ { owner = "nextcloud"; group = "nextcloud"; }
+ => {
+ "services/nextcloud/adminPass" = {
+ group = "nextcloud";
+ owner = "nextcloud";
+ };
+ "services/nextcloud/dbPass" = {
+ group = "nextcloud";
+ owner = "nextcloud";
+ };
+ }
+
+ sopsHelper (user: "users/${user}/publicKey")
+ [ "alice" "bob" "eve" ]
+ (user: { path = "/etc/ssh/authorized_keys.d/${user}"; mode = "444"; })
+ => {
+ "users/alice/publicKey" = {
+ mode = "444";
+ path = "/etc/ssh/authorized_keys.d/alice";
+ };
+ "users/bob/publicKey" = {
+ mode = "444";
+ path = "/etc/ssh/authorized_keys.d/bob";
+ };
+ "users/eve/publicKey" = {
+ mode = "444";
+ path = "/etc/ssh/authorized_keys.d/eve";
+ };
+ }
+ ```
+ */
 sopsHelper = template: names: options: let