From a8fde8ae1b8a725ed162b9c4732cbd7b51f6cbea Mon Sep 17 00:00:00 2001
From: _cry64 <them@dobutterfliescry.net>
Date: Sun, 22 Mar 2026 23:40:27 +1000
Subject: [PATCH] testing out sops a lil bit more

---
 .sops.yaml                   |  2 +-
 hosts/lolcathost/default.nix | 39 +++++++++++++++++++++++++++++++++++-
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index 540522e..fcf0a45 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -4,6 +4,6 @@ keys:
 creation_rules:
   - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
     key_groups:
-      - age:
+      - pgp:
         - *cry
         - *idk
diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix
index e3a1309..2e2e450 100755
--- a/hosts/lolcathost/default.nix
+++ b/hosts/lolcathost/default.nix
@@ -1,4 +1,9 @@
-{...}: {
+{
+  root,
+  config,
+  pkgs,
+  ...
+}: {
   imports = [
     ./hardware.nix
   ];
@@ -17,6 +22,38 @@
     libinput.enable = true;
   };
 
+  # users = {
+  #   users = {
+  #     # literally me fr (personal account)
+  #     ilovecry = {
+  #       isNormalUser = true;
+  #       extraGroups = ["wheel"];
+  #       shell = pkgs.bash;
+  #       # hashedPasswordFile = config.sops.secrets.ilovecryPassword.path;
+  #     };
+  #   };
+  # };
+
+  # sops = {
+  #   defaultSopsFile = /${root}/secrets/user.yaml;
+  #   # age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+  #   secrets = {
+  #     "hashedPassword" = {
+  #       neededForUsers = true;
+  #     };
+  #     "ilovecryPassword" = {
+  #       neededForUsers = true;
+  #     };
+  #     # "gitlab/oauth_token" = {};
+  #     # "tailscale/authkey" = {};
+  #     # "guest_accounts.json" = {};
+  #     # "npmrc" = {
+  #     #   owner = "youruser";
+  #     #   path = "/home/youruser/.npmrc";
+  #     # };
+  #   };
+  # };
+
   # DO NOT MODIFY
   system.stateVersion = "24.05"; # Did you read the comment?
 }