Changed Security Details

.gitignore

@@ -5,6 +5,7 @@ result-*
 # sops age keys (never commit private keys)
 *.age
 keys.txt
+!key.txt.age
 
 # macOS
 .DS_Store

home/default.nix

@@ -101,9 +101,9 @@
     defaultSopsFile = ../secrets/secrets.yaml;
     defaultSopsFormat = "yaml";
     age.keyFile = if pkgs.stdenv.isDarwin then
-      "/Users/${primaryUser}/.config/sops/age/keys.txt"
+      "/Users/${primaryUser}/.config/nix/secrets/keys.txt"
     else
-      "/home/${primaryUser}/.config/sops/age/keys.txt";
+      "/home/${primaryUser}/.config/nix/secrets/keys.txt";
 
     secrets = {
       GROQ_API_KEY = { };

nixos/default.nix

@@ -93,7 +93,7 @@
     home = "/home/${primaryUser}";
     shell = pkgs.fish;
     isNormalUser = true;
-    openssh.authorizedKeys.keyFiles = [ ./ssh-key ];
+    openssh.authorizedKeys.keyFiles = [ ../secrets/ssh-key ];
     extraGroups = [ "wheel" "video" "audio" "libvirtd" ];
   };
 }

nixos/sops.nix

@@ -1,18 +1,7 @@
-{ primaryUser, ... }:
+{ primaryUser, ... }: {
-{
   sops = {
     defaultSopsFile = ../secrets/secrets.yaml;
     defaultSopsFormat = "yaml";
-    age.keyFile = "/home/phil/.config/sops/age/keys.txt";
+    age.keyFile = "/home/${primaryUser}/.config/nix/secrets/keys.txt";
-
-    secrets = {
-      GROQ_API_KEY = { };
-      OPENWEATHER_API_KEY = { };
-      ssh_private_key = {
-        path = "/home/${primaryUser}/.ssh/ssh";
-        owner = primaryUser;
-        mode = "0600";
-      };
-    };
   };
 }

nixos/webcam.nix

@@ -1,5 +1,6 @@
-{ pkgs, ... }:
+{ pkgs, ... }: {
-{
+
+  # TODO: This need to be tested against the cam and kernel rules need to be refined
   services.udev.extraRules = ''
     ACTION=="add", \
     SUBSYSTEM=="usb", \