cant figure out sops

flake.nix

@@ -71,7 +71,10 @@
           home-manager.useGlobalPkgs = true;
           home-manager.extraSpecialArgs = {inherit inputs;};
           home-manager.users."tacocat" = {
-            imports = [./users/tacocat/home.nix];
+            imports = [
+              ./users/tacocat/home.nix
+              sops-nix.homeManagerModules.sops
+            ];
             _module.args.theme = import ./modules/themes;
           };
         }

hosts/JWST/configuration.nix

@@ -60,6 +60,7 @@
   services.blueman.enable = true;
   services.printing.enable = true;
   services.geoclue2.enable = true;
+  security.rtkit.enable = true;
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
@@ -90,6 +91,7 @@
       "steam-run"
       "nvidia-x11"
       "nvidia-settings"
+      "discord"
     ];
 
   # ------------ Software ------------
@@ -100,6 +102,7 @@
       exfat
       encfs
       ntfs3g
+      sops
     ];
     # remove nano
     defaultPackages = with pkgs; [
@@ -109,11 +112,14 @@
     ];
   };
 
-  sops = {
+  # sops = {
-    defaultSopsFile = ./secrets/secrets.yaml;
+  #   defaultSopsFile = ../../secrets/secrets.yaml;
-    defaultSopsFormat = "yaml";
+  #   defaultSopsFormat = "yaml";
-    age.keyFile = "/home/tacocat/.config/sops/age/keys.txt";
+  #   age.keyFile = "/home/tacocat/.config/sops/age/keys.txt";
-  };
+  #   secrets.email-personal = {};
+  #   secrets.email-spam = {};
+  #   secrets.email-school = {};
+  # };
 
   programs.sway = {
     enable = true;

secrets/secrets.yaml

@@ -8,11 +8,10 @@
 #ENC[AES256_GCM,data:Qs7LdUYBaoCLtlu+VdIHrIsA,iv:lWJsId1PA6mc+E0+mP55EfoCk5rixb+Z91XtUg6ivCw=,tag:XVDzTi/poTsRT6m3dbcLZA==,type:comment]
 #ENC[AES256_GCM,data:73KcTxpT6YfRex8=,iv:3pLvjR/BOayKYUvCaZbW4JbCpbNqJ0QrcO+GvAAZauo=,tag:y4HM5xLSAzaEBrSqWUlpsQ==,type:comment]
 #ENC[AES256_GCM,data:OiGD0S0aKU15hDKi,iv:dIFoxlFYv2dbQFTk1O/pJld30sVNOFpq83z8YqFdruE=,tag:PRat5Zkn5MBfgAt0voPuNg==,type:comment]
-email:
+email-school: ENC[AES256_GCM,data:z2M4ydGtR/Bds7zdCWt8,iv:kVY1tUdNXeoQDbRj+fbVc8mot0dJQ969vOzS482l5wM=,tag:oFFKuGUIIh/cRc25Te5qdQ==,type:str]
-    school: ENC[AES256_GCM,data:5YdbEGvP3dkwOnGlwL2B,iv:FMHMImPMKCgtIoj8s3O5zPawPfMzJun7p0CACE/Iey4=,tag:NEA8a55p38za/kvhJOgfmg==,type:str]
+email-personal: ENC[AES256_GCM,data:x0lXf2n/swR2w//g00K0ig==,iv:NOaSBKh1z4JvuFG1dGn3+08jdJWx0GJgqin/gAhTvP0=,tag:0VYDzr6lyviEnwxBHACa1g==,type:str]
-    personal: ENC[AES256_GCM,data:YFgATpdZkwYAmvyJcdbjuA==,iv:709EcGDPSfnUFI4Epdj3FLCQ/V3BvN3e50/c49n9qyg=,tag:xmR6B13j1zOo5KYxYU1iRQ==,type:str]
+email-spam: ENC[AES256_GCM,data:1+L6ehJYOIPxSTfG579buGN/Hg==,iv:eB9xBowS4TkdaVdJcdJP5MKCGvzc1IBZhJN2CDmgl2c=,tag:c/0kspr28VxN8hPSlQ8c8Q==,type:str]
-    spam: ENC[AES256_GCM,data:Y0l/i74rH9brxBOyiCPyMaeE3A==,iv:cS/32vlXFLQI3vCIdMqNrzivO/9aqXNPAqQ1YWgjAoQ=,tag:+CBrYlnH5xgHkVZU/MMIDQ==,type:str]
+email-proton: ENC[AES256_GCM,data:Ts6E0gGQs7LOuQRINSddeFXymg==,iv:/JFD2vHgcH8oaxSNfRm6pbcz31r4dIfAb1+KZJPdrEA=,tag:zTbDKlD3PZXr5g7PI+oMxA==,type:str]
-    proton: ENC[AES256_GCM,data:0jOY+B5px9GTLHCBXFz+QFE+CQ==,iv:R8CCCewIUo9fJ4gTByzTwwfNyTIOPH9ktUAPPqkGMd8=,tag:nqjFuvmBq5N02MPXi6ha6A==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -28,8 +27,8 @@ sops:
             VTlua3pQRTZGUGw4OEVQSUhsMHZoVncKm0+J++ZOflbTjfb0Q/nC/LnwKXOq5XEE
             CvRQmjp4sWgmnP8wrcPvtInPrkVYBHluI9DD9DRoQ+PTYsz8xSIRig==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-11-22T04:23:23Z"
+    lastmodified: "2023-11-24T03:00:02Z"
-    mac: ENC[AES256_GCM,data:JviqHLWwa+6Mnc8rmqaXWkPVRPm9LbwQBzXkc/ZsMHpcpBN2W6jWxof8AbNsU+d7eKhYlT4QeBC/13nlIcgxdNOP1ArDL94g9aFmve7iEyCUOQLf3bBExpFLxHWzUFmDTNh0ZmaGtUBH2gWyj3zY5t6EQ87Wo+PPlaiOHaNskBo=,iv:N1/eXQOjBR027T6hAsmNoZyVzU+uWZrtRBJLesaM76c=,tag:ycl1tNjSn3VkPek9woQWGg==,type:str]
+    mac: ENC[AES256_GCM,data:6I3f44NOaf8AX6nrcr20yIgUbXRYPutalYY4HqL5sfgz6l6el4coc2jFRkbHJIjm3zx8F+PvsekM1A6VYKRUt5Ph+8P02pP0dmfrWx6GlD/0YNUJVVn7S51+yNNlJQGUPWFatKVsNpV0ZmkQZedQWz+2+JXfjJKw6kAcNQUuujI=,iv:7E2PBrLp9vHUUEfLqPgDsTfWfCebklmcL9sAcVIbrWg=,tag:iEq2WhC9wScoHwOYbI1llg==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1

users/tacocat/email.nix

@@ -0,0 +1,20 @@
+{config, ...}: {
+  # accounts.email.accounts =  {
+  #   "aria" = {
+  #     address = "${config.sops.secrets.email-personal}";
+  #     realName = "Aria Nolan";
+  #     primary = true;
+  #     # thunderbird.enable = true;
+  #   };
+  #   "tacocat" = {
+  #     address = "${config.sops.secrets.email-spam}";
+  #     # thunderbird.enable = true;
+  #   };
+  #   "school" = {
+  #     address = "${config.sops.secrets.email-school}";
+  #     realName = "Aria Nolan";
+  #     flavor = "gmail.com";
+  #     # thunderbird.enable = true;
+  #   };
+  # };
+}

users/tacocat/home.nix

@@ -14,8 +14,9 @@
     ];
     packages = with pkgs; [
       rnote
-      sops
+      # sops
       mpv
+      discord
       neovim
       libreoffice
       notify-desktop
@@ -58,12 +59,22 @@
 
   news.display = "silent";
 
+  # sops = {
+  #   defaultSopsFile = ../../secrets/secrets.yaml;
+  #   defaultSopsFormat = "yaml";
+  #   age.keyFile = "/home/tacocat/.config/sops/age/keys.txt";
+  #   secrets.email-personal = {};
+  #   secrets.email-spam = {};
+  #   secrets.email-school = {};
+  # };
+
   imports = [
     ./programs
     ./services
     ./shell
     ./helix
     ./wayland
+    ./email.nix
   ];
 
   # Let Home Manager install and manage itself.