From 76130fdc5160d347f3eb0146156309cca032819a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= <cyplo@cyplo.dev>
Date: Sat, 4 Jun 2022 13:11:55 +0100
Subject: [PATCH] Make all machines have an age sops key

---
 nixos/i3/openweathermap-secrets.nix | 1 -
 nixos/security.nix                  | 5 +++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/nixos/i3/openweathermap-secrets.nix b/nixos/i3/openweathermap-secrets.nix
index 2a1d1e80..83fa0924 100644
--- a/nixos/i3/openweathermap-secrets.nix
+++ b/nixos/i3/openweathermap-secrets.nix
@@ -1,7 +1,6 @@
 { config, pkgs, ... }:
 
 {
-  sops.age.keyFile = /home/cyryl/.config/sops/age/keys.txt;
   sops.secrets.openweathermap-api-key = {
     mode = "0440";
     owner = config.users.users.cyryl.name;
diff --git a/nixos/security.nix b/nixos/security.nix
index 90c6a2cf..155fb016 100644
--- a/nixos/security.nix
+++ b/nixos/security.nix
@@ -13,6 +13,11 @@
   services.clamav.daemon.enable = true;
   services.clamav.updater.enable = true;
 
+  sops.age = {
+    keyFile = "/var/lib/sops-nix/key.txt";
+    generateKey = true;
+  };
+
   boot.kernelParams =
     [ "slub_debug=FZP" "page_poison=1" "page_alloc.shuffle=1" ];