From 35a6843eea633b1fa886064050aa978bb0f16b34 Mon Sep 17 00:00:00 2001
From: blake <me@blakedheld.xyz>
Date: Mon, 6 Oct 2025 11:08:13 -0500
Subject: [PATCH] 29 current  2025-10-06 11:08:10  25.05.20251001.5b5be50 
 6.12.49                          *

---
 flake.nix               |  2 +-
 modules/system/sops.nix | 13 +++++++++++--
 secrets/secrets.yaml    |  6 ++++--
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/flake.nix b/flake.nix
index e329281..0e8463d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,6 @@
 # flake for blakes nixos config
 # define new devices in outputs
-# generation: 25 current  2025-10-06 11:02:00  25.05.20251001.5b5be50  6.12.49                          *
+# generation: 29 current  2025-10-06 11:08:10  25.05.20251001.5b5be50  6.12.49                          *
 {
   description = "blakes nix config";
   inputs = {
diff --git a/modules/system/sops.nix b/modules/system/sops.nix
index a2b88c8..a407c19 100644
--- a/modules/system/sops.nix
+++ b/modules/system/sops.nix
@@ -30,12 +30,21 @@ in
         "tailscale_authkey" = lib.mkIf config.modules.system.tailscale.enable { 
           owner = "root";
         };
-
+        "key1" = { 
+          owner = "root";
+        };
+#        "key2" = { 
+#          owner = "blake";
+#        };
+        "key3" = { 
+          owner = "blake";
+          group = "blake";
+        };
         "blake_pass" = { 
           owner = "root";
           group = "root";
           path = "/run/secrets/blake_pass";
-#          neededForUsers = true;
+          neededForUsers = true;
         };
         
       };
diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml
index 9c5178d..ac767af 100644
--- a/secrets/secrets.yaml
+++ b/secrets/secrets.yaml
@@ -10,6 +10,8 @@ example_booleans:
     - ENC[AES256_GCM,data:Fo9fEJA=,iv:nPxly0FQRo5/xY5vP5V2n8gcdbjbDslhFPlmB5MAGyQ=,tag:Gq3/hljDSPbd5BuDtSKdGQ==,type:bool]
 #ENC[AES256_GCM,data:9A2p05BEY4NdZQ==,iv:QDSNH1BPOO7zbA1kuxvsAgRCXFGXVTZaFOelbgshONY=,tag:zx4jKl2fDXaU0UX1TDpwiQ==,type:comment]
 tailscale_authkey: ENC[AES256_GCM,data:SU0k3asrJd+WZ86VbC4w8TDJp+MqsbyagrzCfDcgTzO5yvBjpWAKbJ7A+VxgQvdu4+S2jMYbdrONPp3YbQ==,iv:VMYmGVk5GpUQApKKQYhdOw/cYCXrXxEZJJwHfQL4MjQ=,tag:7ruaoCDxuFQ7tE/JLJ37Xw==,type:str]
+key1: ENC[AES256_GCM,data:gMml+RqSdw==,iv:P2EQv9dXrt2OViOknGkSZyqFu9QK50fx8ryKDBX6t04=,tag:2coTjqnria4T6DCyYa1w9g==,type:str]
+key3: ENC[AES256_GCM,data:Gk4/ZtLSFOR0MA==,iv:2QuQsQc8SoiDhlV1VJu1FX8Rso8QxPth22hr7KS22MU=,tag:siBpyqSze65eZtJbOm1ZUA==,type:str]
 blake_pass: ENC[AES256_GCM,data:IMAQHFXu1Rc=,iv:jcdVxQpt51Ca5OO3S0GIkU5WyIkLfAutY/CncGKQ+S4=,tag:ujI6sh+0G9Mh7rcw5qHf6A==,type:str]
 sops:
     age:
@@ -22,7 +24,7 @@ sops:
             U0tmdFBuZnJES3piOTZNV0VKQmQ0eVUKCWRQ/flLzmpC64WyLoipklZBmrkpYiUg
             PRu+itNolpPTHm96pe+P93g2iP0wgekG0cX21wkiU2xaLF3dY2FEIA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-10-06T15:54:54Z"
-    mac: ENC[AES256_GCM,data:OfTI1W3C8MPHPzOggYB8aWHBjWDQUHUtiCN7fI/SsmJzDf+U+bOOdEhbbJoD4CfJIGabwWAzt3yn5P73FYjWf5Kdv5j7qZcIK/RfWte6nISdWpXJBwWYfgNbcXrFh1vyOXcOAXjTaOj9mfhpLYlw3D/+ChXpGQG1yUiG4ULayzc=,iv:JRj4bCGTGour/WMM+pnjddVdiOURwFY1Rf0ExiRZDCE=,tag:oHp7D2zgGGzfIj8ZdpevAQ==,type:str]
+    lastmodified: "2025-10-06T16:07:10Z"
+    mac: ENC[AES256_GCM,data:2Nbz3uDfwbSfOaXYWkoAxfSBV5rGVMfiL1kTyCsRKbeH+6wbyPYmJ2TLHSPyzAiO/xm2NFb3sQUggTyqeWJe8zXAOMPJXuR8jfU/R3bWrMF77Alj9jOpqNu1E+fzkc1doImkqbuBAicBoRgooK+E20guOg9YwRt78UX0OrO97UU=,iv:ywgzilZ99939MqT36CASfsIaJw2Y6uRuLFtDBfU7Ofs=,tag:UGYhqW2oze9cHGgFStX+ZA==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2