diff --git a/docs/content/examples/secrets/_index.md b/docs/content/examples/secrets/_index.md
index ddc4ec6..5392770 100644
--- a/docs/content/examples/secrets/_index.md
+++ b/docs/content/examples/secrets/_index.md
@@ -1,5 +1,16 @@
-We support runtime secret (or config) value loading with [vals](https://github.com/variantdev/vals). A minimal example, using the file provider, might look like
+A good runtime secret option (thus avoiding exposing them in the nix store) is loading values with [vals](https://github.com/variantdev/vals).
+A minimal example, using the file provider, might look like
 
 {{< source "default.nix" >}}
 
-The creation of `/path/to/secret` is out of scope but we recommend checking out one of [the many nix secrets management tools](https://nixos.wiki/wiki/Comparison_of_secret_managing_schemes).
+{{< hint info >}}
+**NOTE**: The creation of `/path/to/secret` is out of scope but we recommend checking out one of the [secret managing schemes](https://nixos.wiki/wiki/Comparison_of_secret_managing_schemes).
+{{< /hint >}}
+
+Then it's up to you when and where to apply from with something along the lines of:
+
+```nix
+pkgs.writeShellScript "apply" ''
+  cat /path/to/manifests | ${pkgs.vals}/bin/vals eval | ${pkgs.kubectl}/bin/kubectl -f -
+''
+```
\ No newline at end of file