secrets: add sops

system/configuration.nix

@@ -1,7 +1,7 @@
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 {
   imports = [
     ./android.nix
@@ -29,6 +29,14 @@
 
   zramSwap.enable = true;
 
+  sops = {
+    secrets.hello = { };
+  };
+
+  environment.etc."teste-sops" = {
+    text = config.sops.secrets.hello.path;
+  };
+
   # Enable touchpad support (enabled default in most desktopManager).
   services.libinput.enable = true;
 

system/secrets.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 {
   age = {
     identityPaths = [ "/root/.ssh/id_rsa" ];

system/sops.nix

@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    sops-master
+    gnupg
+  ];
+
+  sops = {
+    defaultSopsFile = ../secrets/test.yaml;
+    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+  };
+}