Modules: Rename sops modules to sops-nix

2025-07-09 17:28:27 +02:00
parent f6388b0d6e
commit fd8a8f6308
9 changed files with 81 additions and 54 deletions
--- a/system/modules/sops-nix/default.nix
+++ b/system/modules/sops-nix/default.nix
@ -0,0 +1,37 @@
+{
+  config,
+  lib,
+  mylib,
+  pkgs,
+  username,
+  ...
+}: let
+  inherit (config.modules) sops-nix;
+in {
+  options.modules.sops-nix = import ./options.nix {inherit lib mylib;};
+
+  config = {
+    environment.systemPackages = with pkgs; [
+      sops
+      age
+      ssh-to-age
+    ];
+
+    sops = {
+      defaultSopsFile = ./secrets.yaml;
+
+      age = {
+        keyFile = "/home/${username}/.secrets/age/age.key";
+        generateKey = false;
+        sshKeyPaths = [];
+      };
+
+      secrets = let
+        mkSecret = name: {${name} = {};};
+      in
+        if (builtins.hasAttr "${username}" sops-nix.secrets)
+        then lib.mergeAttrsList (builtins.map mkSecret sops-nix.secrets.${username})
+        else {};
+    };
+  };
+}