beginning of sops-setup

base.nix

@@ -1,7 +1,6 @@
-{ lib, pkgs, config, inputs, outputs, ... }: {
+{ lib, pkgs, inputs, outputs, ... }: {
   imports = [
     inputs.home-manager.nixosModules.home-manager
-    inputs.sops-nix.nixosModules.sops
     ./modules/apps.nix
     ./modules/dev.nix
     ./modules/shell.nix
@@ -14,8 +13,11 @@
   sops = {
     defaultSopsFormat = "yaml";
     defaultSopsFile = ./secrets/secrets.yaml;
-    age.keyFile =
-      "${config.environment.variables.XDG_CONFIG_HOME}/sops/age/keys.txt";
+    age = {
+      sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+      keyFile = "/var/lib/sops-nix/key.txt";
+      generateKey = true;
+    };
   };
   home-manager = {
     useUserPackages = true;
@@ -49,6 +51,10 @@
       value = "8192";
     }];
   };
+  users = {
+    mutableUsers = false;
+    groups.piracy.gid = 985;
+  };
   nixpkgs.config.allowUnfree = true;
   nix = let
     featuresList = [
@@ -76,11 +82,17 @@
         "https://ai.cachix.org"
         "https://cache.lix.systems"
       ];
-      trusted-public-keys = config.sops.trusted-public-keys;
+      trusted-public-keys = [
+        "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
+        "nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
+        "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
+        "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
+        "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
+        "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
+      ];
     };
   };
   documentation.enable = false;
-  users.groups.piracy.gid = 985;
   environment = {
     systemPackages = with pkgs; [ wget ];
     variables = rec {