refactor sops/vpn into modules

author: Freya Murphy <freya@freyacat.org> 2026-05-26 13:01:44 -0400
committer: Freya Murphy <freya@freyacat.org> 2026-05-26 13:01:44 -0400
commit: db1096e7b1a9417fefe9039d808b213ec3302448 (patch)
tree: dc6a171f33877dddef047e07edd25790f73dd429 /system/sops.nix
parent: add amd anti lag (diff)
download: dotfiles-nix-db1096e7b1a9417fefe9039d808b213ec3302448.tar.gz
dotfiles-nix-db1096e7b1a9417fefe9039d808b213ec3302448.tar.bz2
dotfiles-nix-db1096e7b1a9417fefe9039d808b213ec3302448.zip
1 files changed, 27 insertions, 0 deletions
diff --git a/system/sops.nix b/system/sops.nix
new file mode 100644
index 0000000..17f6f13
--- /dev/null
+++ b/system/sops.nix
@@ -0,0 +1,27 @@
+{
+  config,
+  pkgs,
+  lib,
+  inputs,
+  hostDir,
+  ...
+}: let
+  inherit (lib) mkIf;
+  cfg = config.sops;
+in {
+  imports = [
+    inputs.sops-nix.nixosModules.sops
+  ];
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      sops
+    ];
+
+    sops = {
+      defaultSopsFile = hostDir + "/secrets.yaml";
+      gnupg.home = config.homePath + "/.local/share/gnupg";
+      gnupg.sshKeyPaths = [];
+    };
+  };
+}
author	Freya Murphy <freya@freyacat.org>	2026-05-26 13:01:44 -0400
committer	Freya Murphy <freya@freyacat.org>	2026-05-26 13:01:44 -0400
commit	db1096e7b1a9417fefe9039d808b213ec3302448 (patch)
tree	dc6a171f33877dddef047e07edd25790f73dd429 /system/sops.nix
parent	add amd anti lag (diff)
download	dotfiles-nix-db1096e7b1a9417fefe9039d808b213ec3302448.tar.gz dotfiles-nix-db1096e7b1a9417fefe9039d808b213ec3302448.tar.bz2 dotfiles-nix-db1096e7b1a9417fefe9039d808b213ec3302448.zip