snapshot

flake.nix

@@ -57,6 +57,9 @@
             home-manager.users.gunalx = import ./home/gunalx.nix;
             home-manager.backupFileExtension = "bac";
             home-manager.extraSpecialArgs = { inherit nix-colors inputs; };
+	    home-manager.sharedModules = [
+    	        inputs.sops-nix.homeManagerModules.sops
+	      ];
           }
 
           sops-nix.nixosModules.sops

home/bash.nix

@@ -2,10 +2,32 @@
   pkgs,
   lib,
   config,
+  inputs,
   ...
 }:
+let
+#secrets = config.sops.secrets; 
+in
 {
-  programs.bash = {
+
+#imports = [
+#../secrets/sopsconf.nix
+#];
+# 
+#
+#secrets = {
+#      "ai/openai" = { };
+#      "ai/fireworks" = { };
+#      "ai/cerebras" = { };
+#      "ai/groq" = { };
+#      "ai/mistral" = { };
+#      "ai/aistudio" = { };
+#    };
+
+
+
+
+ programs.bash = {
     enable = true;
     shellAliases = {
       "rebuild" =
@@ -28,6 +50,14 @@
       "neofetch" = "fastfetch";
       "htop" = "btm";
     };
+#    sessionVariables = {
+#      OPENAI_API_KEY = "$(cat ${config.sops.secrets."ai/openai".path})";
+#      FIREWORKS_API_KEY = "$(cat ${config.sops.secrets."ai/fireworks".path})";
+#      CEREBRAS_API_KEY = "$(cat ${config.sops.secrets."ai/cerebras".path})";
+#      GROQ_API_KEY = "$(cat ${config.sops.secrets."ai/groq".path})";
+#      MISTRAL_API_KEY = "$(cat ${config.sops.secrets."ai/mistral".path})";
+#      AISTUDIO_API_KEY = "$(cat ${config.sops.secrets."ai/aistudio".path})";
+#    };	
     historyControl = [
       "ignoredups"
       "ignorespace"

home/niri.nix

@@ -274,9 +274,9 @@ let
 
     // Floating Bitwarden extension popup windows only
     window-rule {
-        match title=r#"^Extension: \(Bitwarden Password Manager\) - Bitwarden — Mozilla Firefox$"#
+        //match title=r#"^Extension: \(Bitwarden Password Manager\) - Bitwarden — Mozilla Firefox$"#
         match title="^Extension: (Bitwarden Password Manager) - Bitwarden — Mozilla Firefox$"
-        match app-id=r#"(?i)^bitwarden$"#
+        //match app-id=r#"(?i)^bitwarden$"#
         open-floating true
         default-column-width { proportion 0.3;}
         default-floating-position x=0 y=0 relative-to="top-left"
@@ -284,6 +284,22 @@ let
         block-out-from "screen-capture"
     }
 
+
+
+// More aggressive matching for Firefox extension windows
+window-rule {
+    // Match any Firefox window that might be an extension popup
+    match app-id="firefox$" 
+    exclude title=".*Mozilla Firefox.*"
+    
+    open-floating true
+    default-column-width { proportion 0.5; }
+    max-width 720
+}
+
+
+
+
     // dropdown terminal
     window-rule {
         match title="^dropdown$"
@@ -603,19 +619,18 @@ in
 
     #term
     foot
-    alacritty
 
+    #displays
     wdisplays
     swww
-
     xwayland-satellite
+    xwayland
 
     #bar applets and notifications
     waybar
     networkmanagerapplet
     networkmanager
     libsForQt5.networkmanager-qt
-
     mako
 
     swayidle
@@ -640,6 +655,8 @@ in
     font-awesome
     font-awesome_5
     font-awesome_4
+    noto-fonts-color-emoji
+    noto-fonts-monochrome-emoji
 
   ];
 

hosts/legolas/configuration.nix

@@ -18,6 +18,7 @@
     ../../modules/displaymanager.nix
     ../../modules/nix.nix
     ../../secrets/sops.nix
+    ../../secrets/sopsconf.nix
     ../../modules/sound.nix
     ../../modules/gunalx.nix
     ../../modules/pam.nix
@@ -32,14 +33,7 @@
 
   # Enable the X11 windowing system.
   services.xserver.enable = true;
-  services.xserver.videoDrivers = [ "modesetting" ];
-
-  # Configure keymap in X11
-  # services.xserver.xkb.layout = "us";
-  # services.xserver.xkb.options = "eurosign:e,caps:escape";
-
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
+  services.xserver.videoDrivers = [ "intel" "modesetting" "fbdev" ];
 
   services.libinput.enable = true;
 
@@ -58,11 +52,11 @@
 
   # Some programs need SUID wrappers, can be configured further or are
   # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
+  programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
 
   # Enable the OpenSSH daemon.
   # services.openssh.enable = true;

hosts/legolas/hardware-configuration.nix

@@ -55,10 +55,8 @@
   hardware.graphics = {
     enable = true;
     extraPackages = with pkgs; [
-      #vpl-gpu-rt
-      #intel-media-sdk
-      #vaapiIntel
-      #intel-media-driver
+      vpl-gpu-rt
+      intel-media-sdk
     ];
   };
 

secrets/secrets.yaml

@@ -10,6 +10,13 @@ qbittorrent:
     interfaceAddress: ENC[AES256_GCM,data:GsDv+UB07bQGh/DISw==,iv:Hn1zGJweLj5jy8sk4aN9rob/6kfzo7iLXPgaLBIMSVs=,tag:fbKSrAIOqTsnCCI1DBUZkA==,type:str]
 miniflux:
     adminCredentialsFile: ENC[AES256_GCM,data:FPcdTiJqbI6MloU9JqAYPABoD/odegXks+JyEeCri8hOV0dPMd0TNDV8fN1bbIiJ4llzaclZbjl0HKM=,iv:5fd3O008aP34+7lGlG8vBPAIdmEjFPoneH+rJ6d9TI0=,tag:HKOHjGLiAIDBR54HJv9teA==,type:str]
+ai:
+    openai: ENC[AES256_GCM,data:aFNl4S66JSpP94Lky0x10F5mAJMQ7XWIOTmFjq0IdZYoxqjHZW8nnwbUcsU4zHjBNrFwEyZJNw8QWWoA0LHYRIJzdiCOFk/xWTgAssaDSbXnozIYsa14RkHUma4fho1s/g6QgwFLtgtv1Qr/nlunwjp+m1d34w4MHjSNQnwcGl14ib3suvzorTkCZKI3tg1JGi3cCva0vYzpAACIT54dfaqM0tsoq3w=,iv:rFad2sTdvNHZ5n/DgTLUfHe1qjR8O9nTagsWO5qvbJs=,tag:HFEtMDWis+7N/+ULl7Fu5A==,type:str]
+    fireworks: ENC[AES256_GCM,data:NRMhwIzashk1oKPB4A8ExFa3K8bE7kWqLSzL,iv:awolsk2O0nx/8UutC4DDxxNcQCMMt376pbtBUFbkjkw=,tag:BzbZmZhLZ1rMXtZCwfdW1g==,type:str]
+    cerebras: ENC[AES256_GCM,data:WcdDsWIgKr0lRb/daoqmzl6E5q3ToICHMLJKrj2rW7pdDpEIZ95DtdNFGQE8Vpy3u9x/SA==,iv:1tZU5nfWCur/Uk54RccS7ldv+94D3CKPgAeK30PB8j4=,tag:IeCgemTemEcKr94YwQKevQ==,type:str]
+    groq: ENC[AES256_GCM,data:m/BTJoBCP6pxM9zPsf2V78BaHGrueakFjtqkut4fuXxluSlEXVDCCupWVbKF2Eo8phrOhxGcgVc=,iv:taiWwphOVhbLuO5ygf5iDIvhEoAxncTEQ8CFNKOObP4=,tag:VFU4ORxUodiGf9dNINYoww==,type:str]
+    mistral: ENC[AES256_GCM,data:tZ7gZatfyhffKyKmlbtiNEp9MaIp4cVvSkZbrHFaAKE=,iv:r9QSqstFiR9QrLehHrQu09iaF0PYroz/p1ENChch/I0=,tag:iOjSupJ5ZFAyAcuxXcjNpg==,type:str]
+    aistudio: ENC[AES256_GCM,data:UEYpuq3SWlpxSgZUWSKLeW2RvPXVC4Zz1r26cZqc/ttGiS4vHlN+,iv:e2IOtS4HbdqMxysus+M7CRIuu7dC/bQnzPQxhJ8LLbQ=,tag:+uUKk5XnFgyOhTeZKLAimA==,type:str]
 openvpn:
     galadriel:
         config: ENC[AES256_GCM,data:f9uDYNLHP63oee5lGMPsmZ76f80n51eYxd3hvF5ZhPGtCspBEOMLHRonTSEril1wKCT3i1DWR967lWTdjJs6KOpoX5JqKz2Qj9tkpXS5jnHZAf0JQg1l7jmf9/a2OKJparVCFJyNPTN5mzl3gGOyDGe0TIT+ZtP8/PCWsQNjB89Crd/kHSSAmIUb2fcNXEkxs6XwgsBAlhbR69e+06NYaRyX5ydVV/kDekx+ixpx2bIqMQqIdEk358RLCauP3wAh1FoqTTJ2eqLcDhuPySFol9cLCInWnColNdyb/0+czrEa4DiLrbFVXx7bUVwjd9rb+eoajC1e09d41aJkVHG1LxlSRjq1sBlI3v3E1vaUBJWegZBROEpqEOCKfHSagkmaanaBv/KMq1MFmXJ1MzyskDJb9MdNFKRQBjQLwBXnURts/Yj9ChrT51z+/bwItxt8XmlwIEgL65F/8h1+bUJGOi27ZAvfkixflff0ELYSPvQI+N1vFlF9QP6AmIFxF2SdmOSlYzTYIz0+LMejLltCEUdU2qdlZ0a9DuYlsxvnZ75JgWXviw==,iv:C2Zb1DLTMlsEqQ5/UUrpT9k5Z51YYGu3SUcu1F20ydc=,tag:wGkQ7LWgCfy0K3zM38JxHQ==,type:str]
@@ -18,10 +25,6 @@ openvpn:
         userkey: ENC[AES256_GCM,data:qaJIx3uJPnRf/ZN3PUj8CdbIDZYwfDHG4APWlQTUBHtJqYZbP+sLVFmpvgCD+yFgomghLeeDCt+Hm7ti+XYjLRciDPZQb/CAlsdgQW7JbsGA2Sdfj5wwn+vF0F0BLO0hORcB4VW2cY62yuf3koS6IbgXeHRVmLe4hmTftZ2ILZm/nPdjsG2sktLklORG26h/zaLX8fe/+2E9kFu8swyFxI3b+2xDkbm8/jsYSN08sL6L/kCaRlmITISMzVOodrms2FYv7oYnKsyq8ABBnpYECRJheukWNIzcFiJ6+QQwqJUCiJvdJ2Hu60LHgSP20plm5SJ631KBEK8NelwRUhpWe0WBiTfilcmwGJUhADtOIaDIO5r6Ou/OfZupPUEQtg0XhElwWiwqnnnMA//POUxMRQ7mxbhZU9XA2BAHv+RH2SUq7IEgTYkOps4zEWk48yyCI7338hB6DOZs2lR/yWkfR/JtDF3HM8RqLVDB3b9BypkWwfXh/M1RlK4XHid0gv575rQXe507mCAb4KJ82RJSbQ213974e8jXRdMtERM4ZujcP0hfeqxj5vrKLRqVgyLDH3Lz7c9eYhUVS/JN2HC3t/BPdN5J9LJud4r1VLYR01Ru5U+IDqOi71T5jiASndrc+QQa1mulEGLIWj/2c8oe2S0p2EU+P6V5RSrqLRuYGpvCcMOs7ydzKBd3oHBMY/VDhpbKlZEw/Kofbs+Easuz5zBlLlPxc0O+AttNlfsSgxuTD5/NiUKT9+TsToSrBZQiBDKvgDpQjZsq2Clw7ZAvFNrPNTiu0sU7YCe4xO9gQ7RIcXzI6S1B1eoHAbnfv7lKE0VvxRCsfngK8Kp/NccXIsNfDCZ/1x7/WHmq9wr5XmWqY41rf1LFeouQFwydjI5iPp4jHwUzPkiGBkkaOdkb8Ovjjy4urMekTiyO5JKJUJCmtZiSj2DHCOBWm6nRQOFCenLHD6ls2NeUpqqsA2wna5DVn0EPvpaPIkmrdIqHh8d85+N9C8UbYDwAnEFvqcAIlFDWj/tUWVUyfWLRl0JSc1wQFzXavJUaLhhLfP0Gh3n5/ayALGLrLwAeUWQz+tLu7oTs27PaEbQknyPvBczG4I/usAzpdlzr4VfdKWfvdjWST1c5ZCPl4qS8T9+/5jOE1+g/y3kcZED9qjFXdnVpoSJfLx+3cY59inv2LMAnavY++zEV1SWIwKFgAgJoYR4hCKANySWY8kBxCDcRjdBno2rAM3xLfU6I1sLb0lm+6LBswOEqHTb9E20u8RXum9JUI/6iauhJHmfoyMLVvhD5XQyolbQ5n/r1qq5LOjsKWGMvo/AeosBwcAY3u67xyvNnNgrd29SBwOYyGYNKG0jyhg7HDfHFIpSDzfAI4IOyhs44cPGFoN759+Y0BNLjW1mqDiWpErvSaNc4zH2cr2fSCaGpEBbf6q3hMh4tRQJayxVSEeD2emO69UNBd4jCkHo4vaK6D9aSBEcpWR2SQM0c968zDcdmOTajsLzPYoIyaOgWFAIs+9A6f8eyqlhDfWIxp6e1fVY8sCFotZaDXRqb9/umCy0IqNQChuKYcB5oB/hvwwMMuTE+4Q4Dd7RXfW8ZMAZz3Z1bqimVhFeVXDkyT+8DXMf2166bLxxwxpxSCPd3XmmOSUiNKysTHykh5MKaPjEyTl7xgvbhqZ16k0pvkh+z5Op1NcU2tm6W+/FL1JV83KnsjC1jAdwMEeFn+0MAFXTBARAG+qAb3pGowYz/wNSsvf93a3JTANA609opK/7MK84h5n7M6TulRBw5Phnw0HUdio5SJ7DBRPr4kYGgVTMwWzxfOY3lDF/fnsqTOjGWxUoLrRXrZ8aaAHWaUYFzx52SW3J3rczRBWTC0jUUEVs7cslfR7N7VGvEXV9p9TuJOsfAyvFyseRIh66Uwi9Pwq+QBOadUttcT+iBgz72BEPwuIAcKre+ShoxE9cHGrtpvlgi7eDSlI1bZ7km+8j0TWryzKLK8P9N4MhspwRO/zGXiErAOoBe4MaBvMvjGCgCRFgnLypoDoeHeoLO1WvgskKUhHXIZV/02nBhhnxPUmJjzsqp722aDztxWKU1VX6lHooRFgpMRzOymD7XVxfZNyDrxuf0VJluIzZlFCzGpswgGnxocs0hFgTMePzhoMx2XnU9d6NM3hl1fOCCwV7Be8KjahNRc5qGChPS4kLzEyvsWHD7EiKK2gCYS0ysiPTNxKrcC9JFXqR7iX1QSQ8W5Sy5IBWYZWuBNj0STJ4J9VXImEaOnWnkNLcncwQh1Ty8OTDX15jeC7/ltfQ6KVjPj3iPs8cEADnOW7ez91vtXOg4dFhjuLAylipQYFIaUpjJOwNQuEcp121LKR1YXHeLRI4y2Cvw9ZL9HXZbB8yQR5/NNba2PScDjfg05ZhFb4yFfcrT+OOrvO6ej1mX4qPzK4X4Sxzi+c632Xi98I/L6rKE5WCLg0dXPUhy4YwD495ZoCFfT5hzNHrNjeCGG03mVC4qLTcopwyn4TlcN+SnZEzI9kVvTwOhtW2J9ol1GNjiGsmfDq9I/+jOfALFQgA/nFVyqBi14pui9yhno6WDyPGifDeKsoNBoZq63lQ/exxGzTH/sPRqeumAUWU81n3/4FLcknH1ssucMC73scO5S4+lzpF89PFCV5Qnkcghzu+vEC5/Z0roU+jQL+wPpjnq1QAuX94TX0iLVozSmcPfFwv4PyzqiCRK7dbk8TtTQlqdM+elzKzKbQkUQXvY2vGTyKnZxJjrwHx71QuEYMfu3QqO7v5XUJSayON1o/RcfQdwfxenLaLOzXYPVod2eylalY7vXKtJOclz0OsCHVL/IAs2p+qvnBhDi2LcBKFgYRgI9ZrOFWGBvk2hzNjieQtM/a9BAcAjzR8jNTgBYqTQWIuloJEjd+KtRC7S4qFVSwp5E+2eFD3QpBaf+TFuDCvSteWpHZSXIrrLEGAichsWVHK09KKGsFPb//S2bEIrHeMYwPbDZ4JFR5YzUJTnfuHFCAGxsL4qali4ZA8BlTEp675TwJ47FWpS349/10di0DbIm7+eeQUVv4obn9sk0st1tDHS5kWsWQq587t52OFuqwXZv+GdEMn/jfo4F4dEF61DbkXtMzMs0/DU9x60m0pp41LvJQsm7GyGjvtUV0ltD5n8lF40pmVZnrcrQb/VSd2mLZbkTl8K+1J2rDnel2vf5DcUSysTha8o+g0X4fqMeGnIot71ZS7bqtzYzACQukMYkSxqE/vnalxN2G4cmP0RCSwb4YhOdgsKjqUwEr560xv5M58RSMW92cFC59CHtu4G7rPyvuA9Bp6lJnxsRAfPB57QF4aqYg0VpBTpP4MHdeVuG7v7REATjyexnjuli5BSx9540nHgjrcMVcSVkcNcIykAJsHVk4PJZ01o5Ycmubvw3fHvt9OKyxY2Y7CLQpVcSwgfp4KOLnUe3+88fLfMUfg3V4rVjiriivqHVKx0aMKqkW1Od6fT5nZAd6h5rMxLWDU2U++wUcc/lfRK+J2GgY+r6MmBb1qRajW8VS3ms7e/RylxzHpaU/meUTFiFxop4iCCwBn3IjgFtZWcn+8eERkQQ0wZfuz8u5Lfy0uPQoaRhoHPXtBZQEWuQd/MIGKaetHU85XRu/1HYvQ4V5+Elu12D8idTCennGv6gqIOFZBhS1CCKbPtzTmYuV9JlmbMNhQthwuxKKbZoXhI+GNDggPMxkkmhxGChj4X2NymV7u3Yqrr1FnNGTMcuBJ10+BDeNNY9KV4MZCKH//rRjUxVEgiln0EEGFTeA/WSyG8wu72maDu2OvcfoNH3KkYYJ7JqSzvZ8raVMiWSx9nkAN18xRWxWIz4wNndrk963Ol4rwxymVcXDE9/Qrz27MAZmNhrEaF4qsut7VDLxWvnrcWCIXddNPFcqgU1IQVF48U7WAGgTFDJdDEp+Q33FNIbo70koN0KLE8ot0jIqWuwBFhA5fI7NSv5cEIOueTcD2p3J2snBebQbRtsDtu8mJBunYPqcvP3YH9xiDJkdiij/g21Wtb7FY/WPP1uVt8RJu51kxTw9VZJLLQqisk1usn3kAKM+m3gQAKpbgiFmfjb3pif3nHTCi+tRAM4hGX2VWHY8F/iaTCAZpSyd34SD6OqYIzh83nchwyaMOU9QrrOIG7Vbrd923/AMBcFVaZnQB4eGNIe6fnEiet67kb6g0yxHNKyORM0+fg9INbywzT1MzjbjozvNw5JEHm49C2J/oWcyGDW13XtQXw8uvCBVEqXpz4baNng7Xzge5WwBLTlF2+hh136npAE62aHkNZyy0E3Fa1V6ludI//BcnZ4jqYEO0/w5SA9wYFT6Aun9ltRpq60VZnYc1Jr2A=,iv:kR5g0wvCQ3NGAqviN1jvqscgAYrGzHLqhooIljtJ+gg=,tag:Z+U5Wn4U5ADIxjdfI37cBA==,type:str]
         tlscrypt: ENC[AES256_GCM,data:zG12fAsc9/LcxO0eGx4ytjHm07BMnf5aBHlfTtif4noCXcPAx5xunhJCOaWEoTobwOEpdgXoZzQcJa7EW6N/4kEnGzk8gfSl+BFswO6LEoqzYJb4sfy2qJJQrjUNxsI9yib+OCgb4DQ94apdvVG/dVypdMQrw+x+xg8K+hdZ5LZWdZLKKcBxHKeHoZ+lt/gJNv3BbtQP6Vy+1biWxjdHy1YfvLm+iqaJfi3/9HV8YAi/iePoY+rNNtc8GlaUp/HrHfmCFF4EBWuFr2knQ5t8bx7sHGlhdcTIyHJwNQdCUIsyVqckhxDulLM8luuGJZsiulkdK2f4NSpa6CPYZPWPHQ2BfSnugBEjbWrF2RQT3eOLAEJBS9YSV1/nvHA/lU2ymf0PBzzXhE9Ms0twecrS8Ql/qRbWSqiQNzHv/P7k5i5E8iw4zqaUtir7gpu3AkC2GxMVuQfowiruZGPi6i2YbDzgaBi5fZJAosWQHvZXnVApqFqzWXCzw4ACXlMI6MZ1rb3Ut9wEDXHGMRhhcWmHDsCO6I4/EphDfLiexYeVHKB++MLilXaUa6wXN0yGefj+NC3Am5YQRwR3rd4KrjXOrbKWELoIkyYrGWkZ5w5O5fC4Z+h8jxPjng/lNM3JAzREgKcw+0IcY5q3/bRXWGMScVm5qqc9LXozhWU9gghQOhbcb4NYFob8yczTJT8IdA6D72N4pAm+524DMjTPRiAi1KQInICeZp2mILvT5aUgTEXtj+iwyqyo+io3ffOjQdHa9HU2IrZKmoapkvEOsFHm3L63uY1T92/Han8=,iv:cjIKuwyLtXT5Wg/VzinC2Lf5EysoxsgnEsHei/+Yum8=,tag:b5LKO8urIBC7BJgyfs5kWw==,type:str]
 sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
     age:
         - recipient: age14cpm59h7hx8gr54hrn4uxu4xnrp9wy3f2kdxvy6xwuyxsfg8g9zs8z5e77
           enc: |
@@ -32,8 +35,7 @@ sops:
             OHNBdXMzZTN0VEVTYkVSbUVRYmo3eUUKvRiPgmrCCK1F5QoSHlV89C2MPl5FvU5i
             z61NMJu68UEDsDu8qNRaW3aqpT+1GYsr1evi5imzNwr0qTM2oRwkFQ==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-11-15T01:14:16Z"
-    mac: ENC[AES256_GCM,data:4hqXQvlmPKuPkQEcUIpTEUudVknNVNjXjP8pB2UPnPmnr79nLWy/ZOzAcpSob1XNHyB7We5neBUEDYO56PjOM9C022XdZfaqXUC931uqLqo1iLQupApCphf/HR5bwDayv63Mr1Ys9MBdhCrYtlfy4iPiEdlpfDhLuD268EM8x0w=,iv:rgzgkB+5r/xDrN4i8O1f6CXyGxF7Peo+24kkQf96yf4=,tag:TZPaNEEYxFZ0m1CRbPQ0kA==,type:str]
-    pgp: []
+    lastmodified: "2025-08-24T09:52:43Z"
+    mac: ENC[AES256_GCM,data:yMmdK28YRNHXIrgG0QzF0r71+XwmZiVkbwBees+VJB2MLL6/zrXGB171r7Rr8XDILVAnBS5UXusIw7fa9OMaLIIMVA6CjTG1Qy21INKS8b/XUz2s0c67eRbhkV6Si9oC4bEnBg/hoazPclvB/uTFkQLbHAAdf8wBd6oSxRE7b9I=,iv:i6ZeKs9aItbE0SS9/BQyGXeSui/jDHEj+/+UIEcFNdg=,tag:RMHX4nKxXBKM7Jfq0uu3QA==,type:str]
     unencrypted_suffix: _unencrypted
-    version: 3.8.1
+    version: 3.10.2

secrets/sops.nix

@@ -4,25 +4,4 @@
     pkgs.ssh-to-age
     pkgs.sops
   ];
-
-  # This will add secrets.yaml to the nix store
-  # You can avoid this by adding a string to the full path instead, i.e.
-  # sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
-  # sops.defaultSopsFile = "/etc/nixos/nix-dotfiles/secrets/secrets.yaml";
-  sops = {
-    defaultSopsFile = ./secrets.yaml;
-    validateSopsFiles = false;
-
-    # This will automaticx-sopsally import SSH keys as age keys
-    age.sshKeyPaths = [
-      "/etc/ssh/nixos"
-      "/root/.ssh/nixos"
-    ];
-    #This is using an age key that is expected to already be in the filesystem
-    age.keyFile = "/var/lib/sops-nix/key.txt";
-    #age.keyFile = "/root/.config/sops/age/key.txt";
-    age.generateKey = true;
-    # This is the actual specification of the secrets.
-    #secrets."myservice/my_subdir/my_secret" = {};
-  };
 }

secrets/sopsconf.nix

@@ -0,0 +1,25 @@
+
+{ config, pkgs, ... }:
+{
+  # This will add secrets.yaml to the nix store
+  # You can avoid this by adding a string to the full path instead, i.e.
+  # sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
+  # sops.defaultSopsFile = "/etc/nixos/nix-dotfiles/secrets/secrets.yaml";
+  sops = {
+    defaultSopsFile = ./secrets.yaml;
+    validateSopsFiles = false;
+
+    # This will automaticx-sopsally import SSH keys as age keys
+    age.sshKeyPaths = [
+      "/etc/ssh/nixos"
+      "/root/.ssh/nixos"
+      "/home/gunalx/.ssh/nixos"
+    ];
+    #This is using an age key that is expected to already be in the filesystem
+    age.keyFile = "/var/lib/sops-nix/key.txt";
+    #age.keyFile = "/root/.config/sops/age/key.txt";
+    age.generateKey = true;
+    # This is the actual specification of the secrets.
+    #secrets."myservice/my_subdir/my_secret" = {};
+  };
+}