[m]Flake sops & format

.sops.yaml

@@ -10,32 +10,32 @@ keys:
     - &asgard age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
 
 creation_rules:
-  - path_regex: secrets/iriy.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/iriy.ya?ml$
     key_groups:
     - age:
       - *iriy
       pgp:
       - *sora
-  - path_regex: secrets/avalon.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/avalon.ya?ml$
     key_groups:
     - age:
       - *avalon
       pgp:
       - *sora
-  - path_regex: secrets/valinor.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/valinor.ya?ml$
     key_groups:
     - age:
       - *valinor
       pgp:
       - *sora
-  - path_regex: secrets/asgard.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/asgard.ya?ml$
     key_groups:
     - age:
       - *asgard
       pgp:
       - *sora
 
-  - path_regex: secrets/common.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/common.yaml$
     key_groups:
     - age:
       - *valinor

flake.nix

@@ -33,7 +33,6 @@
 
     let gen = import ./generator.nix { inherit inputs; };
     in {
-
       devShells = import ./shells { inherit inputs; };
 
       nixosConfigurations = {

modules/nixos/system/security/sops/default.nix

@@ -1,6 +1,8 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, ... }:
+let keyFilePath = "/var/lib/sops-nix/age-key.txt";
+in {
   sops.defaultSopsFile = ./common.yaml;
-  sops.age.keyFile = "/var/lib/sops-nix/age-key.txt";
+  sops.age.keyFile = keyFilePath;
   sops.age.generateKey = true;
 
   sops.secrets.wifi = { };
@@ -19,5 +21,6 @@
   sops.secrets."${config.hostcfg.hostname}_wg_pub" = { };
 
   environment.systemPackages = with pkgs; [ sops ];
+  environment.sessionVariables.OPS_AGE_KEY_FILE = keyFilePath;
 
 }

shells/default.nix

@@ -2,14 +2,12 @@
 let
   forEachSystem =
     inputs.nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
-in 
-    forEachSystem (system:
-        let
-            overlays = import ./pkgs/overlay.nix { inherit pkgs; };
-            overrides = { custom = import ./pkgs { inherit pkgs; }; };
-            pkgs = import inputs.nixpkgs { inherit system overlays; } // overrides;
-        in { 
-            default = import ./shells/devsh { inherit pkgs; }; 
-            devsh = import ./shells/devsh { inherit pkgs; }; 
-        }
-    )
+in forEachSystem (system:
+  let
+    overlays = import ./pkgs/overlay.nix { inherit pkgs; };
+    overrides = { custom = import ./pkgs { inherit pkgs; }; };
+    pkgs = import inputs.nixpkgs { inherit system overlays; } // overrides;
+  in {
+    default = import ./shells/devsh { inherit pkgs; };
+    devsh = import ./shells/devsh { inherit pkgs; };
+  })