From 7f17a9eadb1e6bd95109731b20f2acdd5bb8ef23 Mon Sep 17 00:00:00 2001
From: Lilith
Date: Thu, 27 Feb 2025 01:37:42 +0100
Subject: [PATCH] sops

---
 system/default.nix | 2 ++
 system/fonts.nix | 2 +-
 system/persistence.nix | 2 +-
 system/sops.nix | 5 +++++
 system/syncthing.nix | 6 +++---
 system/users.nix | 4 ++--
 6 files changed, 14 insertions(+), 7 deletions(-)
 create mode 100644 system/sops.nix

diff --git a/system/default.nix b/system/default.nix
index b3fceaee..c667775f 100644
--- a/system/default.nix
+++ b/system/default.nix
@@ -20,6 +20,8 @@
 ./fonts.nix
 ./bluetooth.nix
 ./zsh.nix
+
+ ./sops.nix
 ];
 system.stateVersion = "24.11";
diff --git a/system/fonts.nix b/system/fonts.nix
index 3505b118..93fc7434 100644
--- a/system/fonts.nix
+++ b/system/fonts.nix
@@ -1,4 +1,4 @@
-{...}: {
+{ pkgs, ...}: {
 fonts.packages = with pkgs; [
 nerd-fonts.jetbrains-mono
 twemoji-color-font
diff --git a/system/persistence.nix b/system/persistence.nix
index 359b9c80..7caeb727 100644
--- a/system/persistence.nix
+++ b/system/persistence.nix
@@ -29,7 +29,7 @@
 ".keepass"
 ];
 files = [];
- }
+ };
 };
 environment.persistence."/persist/cache" = {
diff --git a/system/sops.nix b/system/sops.nix
new file mode 100644
index 00000000..cbf89233
--- /dev/null
+++ b/system/sops.nix
@@ -0,0 +1,5 @@
+{ sops-nix, ... }: {
+ imports = [ sops-nix.nixosModules.sops ];
+
+ sops.age.keyFile = /persist/data/home/lilith/.config.sops/age/keys.txt;
+}
diff --git a/system/syncthing.nix b/system/syncthing.nix
index 27cb61bc..169fac40 100644
--- a/system/syncthing.nix
+++ b/system/syncthing.nix
@@ -1,5 +1,5 @@
-{ config, ...}: let
- host = networking.hostName;
+{ config, sops, ...}: let
+ host = config.networking.hostName;
 in {
 sops.secrets."syncthing/key.pem" = {
@@ -12,7 +12,7 @@
 services.syncthing = {
 enable = true;
- user = lilith;
+ user = "lilith";
 dataDir = "/home/lilith";
 configDir = "/home/lilith/.config/syncthing";
diff --git a/system/users.nix b/system/users.nix
index a71336e5..7ec621c0 100644
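Review bot: In system/sops.nix, `sops.age.keyFile` is assigned an unquoted Nix path literal, and Nix copies a path value into the world-readable store whenever it is coerced to a string, so the age private key could end up under /nix/store (or evaluation could fail in pure flake mode). Write it as a string instead: `sops.age.keyFile = "/persist/data/home/lilith/.config.sops/age/keys.txt";`. The directory `.config.sops` also looks like a typo for `.config/sops`, the conventional location for sops age keys; confirm the key file really lives at the path given. If the file is readable by the `lilith` account, every process running as that user can decrypt all secrets encrypted for this host, so a comment above the option stating the expected owner and mode of the key file would help.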
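Review bot: In system/syncthing.nix the new `sops` module argument appears unused: `sops.secrets."syncthing/key.pem"` in the body is an option path being defined, not a reference to the argument, and nothing else in the visible lines reads it. Unless something outside the hunk needs it, the header can stay `{ config, ...}: let`. The module body continues outside the hunk.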
--- a/system/users.nix
+++ b/system/users.nix
@@ -17,12 +17,12 @@
 neededForUsers = true;
 };
 "user/ssh/private" = {
- sopsFile = ../hosts/${conf.hostname}/secrets/default.yaml;
+ sopsFile = ../hosts/${host}/secrets/default.yaml;
 path = "/home/lilith/.ssh/id_ed25519";
 owner = "lilith";
 };
 "user/ssh/public" = {
- sopsFile = ../hosts/${conf.hostname}/secrets/default.yaml;
+ sopsFile = ../hosts/${host}/secrets/default.yaml;
 path = "/home/lilith/.ssh/id_ed25519.pub";
 owner = "lilith";
 };
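Review bot: Both `sopsFile` lines now interpolate `${host}`, but no binding for `host` is visible in this hunk, and the diffstat shows only these two lines changing in system/users.nix. If the file does not already define it, evaluation fails with an undefined variable; system/syncthing.nix binds it with `host = config.networking.hostName;` in a `let`, and the same binding would be needed here. The attribute set holding these secrets begins and ends outside the hunk.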