From 43aae2945d8546c147df2752750f448761a48dee Mon Sep 17 00:00:00 2001
From: blake <me@blakedheld.xyz>
Date: Sat, 4 Oct 2025 19:05:57 -0500
Subject: [PATCH] add age and test with tailscale

---
 hosts/snowbelle/configuration.nix |  3 +++
 modules/system/tailscale.nix      | 10 +++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/hosts/snowbelle/configuration.nix b/hosts/snowbelle/configuration.nix
index 2c2dedc..f58c9f5 100644
--- a/hosts/snowbelle/configuration.nix
+++ b/hosts/snowbelle/configuration.nix
@@ -29,6 +29,9 @@
     blake.enable = true;
   };
 
+  # age
+  age.keyFile = ../../.keyring/age/keys.txt;
+
   # passwordless rebuild
   security.sudo.extraRules = [
     {
diff --git a/modules/system/tailscale.nix b/modules/system/tailscale.nix
index f45491d..17a49ee 100644
--- a/modules/system/tailscale.nix
+++ b/modules/system/tailscale.nix
@@ -1,6 +1,14 @@
 { pkgs, config, lib, ... }:
 
 {
+  age.secrets."tailscale_authkey" = {
+    file = ../../secrets/tailscale_authkey.txt.age;
+    owner = "blake";
+    group = "blake";
+    mode = "0400";
+  };
+
+
   options = {
     modules.system.tailscale.enable = lib.mkEnableOption "enables tailscale";
   };
@@ -10,7 +18,7 @@
       enable = true;
 
       useRoutingFeatures = "both";
-      authKeyFile = "/home/blake/.nix/.keyring/tailscale/authkey";
+      authKeyFile = "/run/agenix/tailscale_authkey";
     };
   };
 }