Add sops-nix

modules/nixos/sops/default.nix

@@ -0,0 +1,20 @@
+{ pkgs, lib, config, inputs, system, ... }:
+let cfg = config.mods;
+
+in {
+  # options.mods.home.file = lib.mkOption {
+  #   description = "home-manager configuration file";
+  # };
+
+  # config = {
+
+  # };
+  #
+
+  imports = [ inputs.sops-nix.nixosModules.sops ];
+  sops = {
+    age.keyFile = "/home/muon/.config/sops/age/keys.txt";
+    defaultSopsFile = ./secrets.yaml;
+    secrets.muon-password = { };
+  };
+}

modules/nixos/sops/secrets.yaml

@@ -0,0 +1,21 @@
+muon-password: ENC[AES256_GCM,data:K2ifHvs8hQXK4//FXf3vfDliiklx0dTn8gpirTBT07Q1XIMJR1Vgn/f1uo62bu4a/bknAR5gEBfd/cSRUTdBBxd7Lec2k3fxQg==,iv:j1JTzyfjcKEqh+PK5tyCWBMV7MpwvIG9MJ9eiajksxM=,tag:ZcSEVBW1UOCvE40yIsaBFQ==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1m97a3eptxwpdd7h5kkqe9gkmhg6rquc64qjmlsfqfhfqv8q72crqrylhgc
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4czNjbDZ4aDFsVjVZdmRU
+            bVpVWDh5MnN6U2dWSjJlbWN4QmdJN21lNWxFCmI4aTBFL2lkNlZCbldza0h6U0Z1
+            K1JsbW9raEZscFVvbXNzeTlQMXJwaDAKLS0tIG0yaHF5MTdyZVg3R3ZNWk1tRDFa
+            YXdkR3V3Y25XSks2Y2lsZXJXR2lKUFUKHB6YzHlCj6x5Ron+NwLUi0iFYlVGPaYM
+            bRoIx0S9huJwHI3sNNaiuCVg+H0Mctfw4VFfeefoVYDr3o72wBRIkw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-01-17T20:33:28Z"
+    mac: ENC[AES256_GCM,data:f0BoA4bG64g1WPcLl9Qd2G3VbA5L5+VTK2/+nxcklQZrDzsr2gOQXK8WpiccuZ0CyU1UaLhSTAEfMb9N2sA3MISGikPyWYFQVA/TM+wfaDCnrnEgbuvtBuEMpNp54bwgF4ME2h9k3e3HcJlNze65z52je3tBCxe6siYEKVgB3yg=,iv:VC8BaJLS46yXCZL1gmSrElmqLM/L+sCqTuUkhhvYUBc=,tag:aK164Iq91mUOx8yVyUZN2Q==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.2