feat: Manage secrets w/ sops-nix

Closes #1
2024-12-28 22:28:56 -07:00
parent fa3bd72816
commit 52dc849c67
10 changed files with 186 additions and 9 deletions
--- a/modules/home/sops.nix
+++ b/modules/home/sops.nix
@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let cfg = config.sydnix.sops;
+in {
+  options = {
+   sydnix.sops = {
+      enable = mkEnableOption "Sops";
+      keyFile = mkOption {
+        description = "Path to an Age key file.";
+        type = types.path;
+        default = config.home.homeDirectory + "/key.txt";
+      };
+      secrets = mkOption {
+        description = "Secrets passed directly to sops-nix.";
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    sops = {
+      age.keyFile = cfg.keyFile;
+      defaultSopsFile = ../../users/${config.home.username}/secrets.yaml;
+      secrets = cfg.secrets;
+    };
+  };
+}