From 7f2208976593f3b8e8a7397b680036de0188f5fd Mon Sep 17 00:00:00 2001
From: Christoph Urlacher <christoph.urlacher@protonmail.com>
Date: Thu, 26 Mar 2026 21:23:48 +0100
Subject: [PATCH] Modules/Sops: Don't hardcode age keyFile path

---
 system/default.nix                        | 1 +
 system/systemmodules/sops-nix/default.nix | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/system/default.nix b/system/default.nix
index 03048093..dd2e9c40 100644
--- a/system/default.nix
+++ b/system/default.nix
@@ -235,6 +235,7 @@ with mylib.networking; {
     description = "Christoph";
     group = "users";
     uid = 1000;
+    home = "/home/${username}";
     extraGroups = [
       "networkmanager"
       "wheel"
diff --git a/system/systemmodules/sops-nix/default.nix b/system/systemmodules/sops-nix/default.nix
index 91d82e65..ef4df0ba 100644
--- a/system/systemmodules/sops-nix/default.nix
+++ b/system/systemmodules/sops-nix/default.nix
@@ -26,7 +26,7 @@ in {
       defaultSopsFile = ./secrets.yaml;
 
       age = {
-        keyFile = lib.mkDefault "/home/${username}/.secrets/age/age.key";
+        keyFile = lib.mkDefault "${config.users.users.${username}.home}/.secrets/age/age.key";
         generateKey = false;
         sshKeyPaths = [];
       };