From e06910f8eb86a514637333d4a12e05064fcf1592 Mon Sep 17 00:00:00 2001
From: derped <derped@ophanim.de>
Date: Mon, 28 Aug 2023 22:05:42 +0200
Subject: [PATCH] Auto generate sops entries for users.

---
 config/users.nix        | 6 +++++-
 machines/Lilim/sops.nix | 2 --
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/config/users.nix b/config/users.nix
index 0fc67aa..8fc973a 100644
--- a/config/users.nix
+++ b/config/users.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, fn, pkgs, ... }:
 
 with lib;
 
@@ -43,6 +43,10 @@ let
      };
    };
 in {
+  sops.secrets = (fn.sopsHelper
+    (user: "users/${user.name}/password")
+    config.machine.administrators
+    { neededForUsers = true; });
   users = {
     mutableUsers = false;
     users = listToAttrs (map administrators config.machine.administrators);
diff --git a/machines/Lilim/sops.nix b/machines/Lilim/sops.nix
index 6dd02ef..85c8b25 100644
--- a/machines/Lilim/sops.nix
+++ b/machines/Lilim/sops.nix
@@ -7,7 +7,5 @@
       keyFile = "/var/lib/sops-nix/key.txt";
       generateKey = true;
     };
-    # TODO: auto loop over users
-    secrets."users/derped/password".neededForUsers = true;
   };
 }