{ config, inputs, pkgs, ... }: { imports = [ inputs.sops-nix.nixosModules.sops ]; environment = { persistence."/persist/state"."/etc/ssh/ssh_host_ed25519_key" = { }; systemPackages = with pkgs; [ sops age ssh-to-age ]; }; sops = { defaultSopsFile = ../../../../. + "/${config.networking.hostName}/secrets/secrets.yaml"; age = { generateKey = true; keyFile = "/var/lib/sops-nix/key.txt"; sshKeyPaths = if config.environment.impermanence.enable then [ config.environment.persistence."/persist"."/etc/ssh/ssh_host_ed25519_key".source ] else [ "/etc/ssh/ssh_host_ed25519_key" ]; }; }; }