From 79b83cfc709fc693cdf5d4e6c97d916cf6e6c3ac Mon Sep 17 00:00:00 2001
From: Mohammad Rafiq <rafiq@rrv.sh>
Date: Mon, 14 Jul 2025 19:16:37 +0800
Subject: [PATCH] feat(secrets): Add darwin sops config and gemini key access

---
 nix/modules/system/secrets.nix | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/nix/modules/system/secrets.nix b/nix/modules/system/secrets.nix
index fa2913c..7b75ed1 100644
--- a/nix/modules/system/secrets.nix
+++ b/nix/modules/system/secrets.nix
@@ -30,6 +30,21 @@ in
           '';
       };
     };
+  flake.modules.darwin.default =
+    { config, ... }:
+    {
+      imports = [ inputs.sops-nix.darwinModules.sops ];
+      config = {
+        sops = {
+          age.sshKeyPaths = [ "${config.users.users.${username}.home}/.ssh/id_ed25519" ];
+          secrets."keys/gemini".sopsFile = secrets + "/keys.yaml";
+        };
+        environment.shellInit = # sh
+          ''
+            export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
+          '';
+      };
+    };
   flake.modules.homeManager.default.persistDirs = [ ".config/sops/age" ];
   perSystem =
     { pkgs, ... }: