old
1{
2 lib,
3 config,
4 myvars,
5 sops-nix,
6 ...
7}: {
8 imports =
9 [
10 sops-nix.nixosModules.sops
11 ./hosts
12 ]
13 ++ (
14 builtins.map (k: {
15 sops.secrets."rclone-${k}" =
16 lib.mkIf
17 config.home-manager.users.${myvars.username}.programs.rclone.enable
18 {
19 key = "rclone/${k}";
20 owner = myvars.username;
21 };
22 }) ["onedrive-token" "restic-backup-token"]
23 );
24
25 sops.age = {
26 sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
27 generateKey = true;
28 };
29
30 sops.defaultSopsFile = ./secrets.yaml;
31
32 sops.secrets."github-access-token" = {};
33}