added sos-nix for home-manager.

configs/home-manager/email.nix

@@ -28,7 +28,7 @@
     address = "gabevenberg@gmail.com";
     primary = true;
     flavor = "gmail.com";
-    passwordCommand = "cat ~/keys/plaintext/gmail";
+    passwordCommand = "cat ${config.sops.secrets.gmail-password.path}";
     realName = "Gabe Venberg";
 
     himalaya.enable = true;

configs/home-manager/secrets.nix

@@ -0,0 +1,19 @@
+{
+  inputs,
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  secretsDirectory = builtins.toString inputs.nix-secrets;
+in {
+  sops = {
+    defaultSopsFile = "${secretsDirectory}/common.yaml";
+    validateSopsFiles = false;
+    age = {
+      sshKeyPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"];
+      keyFile = "${config.home.homeDirectory}/.config/sops-nix/key.txt";
+      generateKey = true;
+    };
+  };
+}

configs/home-manager/sops.nix

@@ -11,12 +11,12 @@ in {
     inputs.sops-nix.homeManagerModules.sops
   ];
 
-  sops={
-    defaultSopsFile="${secretsPath}/secrets.yaml";
-    age={
-      sshKeyPaths=["${config.home.homeDirectory}/keys/age/master.txt"];
-      keyFile="/var/lib/sops-nix/key.txt";
-      generateKey=true;
+  sops = {
+    defaultSopsFile = "${secretsPath}/secrets.yaml";
+    age = {
+      sshKeyPaths = ["${config.home.homeDirectory}/keys/age/master.txt"];
+      keyFile = "/var/lib/sops-nix/key.txt";
+      generateKey = true;
     };
   };
 }

configs/home-manager/tiny-irc.nix

@@ -31,7 +31,7 @@
           ];
           sasl = {
             username = "toric";
-            pem = "${config.home.homeDirectory}/keys/certs/irc.pem";
+            pem = config.sops.secrets.irc-cert.path;
           };
         }
       ];

configs/nixos/secrets.nix

@@ -13,5 +13,10 @@ in {
   sops = {
     defaultSopsFile = "${secretsDirectory}/common.yaml";
     validateSopsFiles = false;
+    age = {
+      sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+      keyFile = "/var/lib/sops-nix/key.txt";
+      generateKey = true;
+    };
   };
 }