wifi in sops

.sops.yaml

@@ -6,3 +6,7 @@ creation_rules:
     key_groups:
     - age:
       - *dlaptop
+  - path_regex: secrets/wifi/[^/]+$
+    key_groups:
+    - age:
+      - *dlaptop

hosts/dlaptop/sops.nix

@@ -1,5 +1,18 @@
 { config, lib, ...}:
 
+let
+  # Get the list of all secret files
+  secretsDir = ../../secrets/wifi;
+  secretFiles = builtins.attrNames (builtins.readDir secretsDir);
+
+  # Generate an attribute set where each attribute corresponds to a secret file
+  wifiSecrets = lib.genAttrs secretFiles (secret: {
+    sopsFile = ../../secrets/wifi/${secret};
+    format = "ini";
+    path = "/etc/NetworkManager/system-connections/${builtins.replaceStrings [".ini"] [""] secret}.nmconnection";
+    mode = "0400";
+  });
+in
 {
   sops = {
     defaultSopsFile = ../../secrets/generic.yaml;
@@ -7,23 +20,32 @@
     #age.keyFile = "/home/delta/.config/sops/age/keys.txt";
     defaultSopsFormat = "yaml";
 
-    secrets.qqq = {
+    secrets = {
-      mode = "0400"; owner = "delta"; group = "users";
+      qqq = {
-    };
+        mode = "0400"; owner = "delta"; group = "users";
+      };
 
-    secrets.cloudflared = {
+      cloudflared = {
-      mode = "0400"; owner = "cloudflared"; group = "cloudflared";
+        mode = "0400"; owner = "cloudflared"; group = "cloudflared";
-    };
+      };
-    
 
-    secrets."myservice/my_subdir/my_secret" = {};
+      "myservice/my_subdir/my_secret" = {};
 
-    secrets.singbox-aus = {
+      singbox-aus = {
-      sopsFile = ../../secrets/singbox-aus.bin;
+        sopsFile = ../../secrets/singbox-aus.bin;
-      format = "binary";
+        format = "binary";
-      mode = "0400";
+        mode = "0400";
-      owner = "socks";
+        owner = "socks";
-      group = "socks";
+        group = "socks";
-    };
+      };
+
+      #HomeNet = {
+      #  sopsFile = ../../secrets/wifi/HomeNet.ini;
+      #  format = "ini";
+      #  path = "/etc/NetworkManager/system-connections/HomeNet.nmconnection";
+      #  mode = "0400";
+      #};
+
+    } // wifiSecrets;
   };
 }