restructure naming scheme

.sops.yaml

@@ -0,0 +1,9 @@
+# .sops.yaml
+
+keys:
+  - &primary age14gfh682a7m7jfp3qrulql03x5rs7yedwmxwksxrrmgjsunstyuksqx93pz
+creation_rules:
+  - path_regex: secrets/secrets.yaml$
+    key_groups:
+    - age:
+      - *primary

flake.nix

@@ -9,6 +9,8 @@
       url = "github:nix-community/home-manager/release-25.05";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    inputs.sops-nix.url = "github:Mic92/sops-nix";
+    inputs.sops-nix.inputs.nixpkgs.follows = "nixpkgs";
   };
   
   outputs = { self, nixpkgs, home-manager, ... }@inputs: 

hosts/snowbelle/configuration.nix

@@ -5,13 +5,14 @@
     [ # Include the results of the hardware scan.
       ./hardware-configuration.nix
       ../../users/users.nix
-      ../../modules/system/system.nix
-      ../../modules/homelab/homelab.nix
+      ../../modules/system/default.nix
+      ../../modules/homelab/default.nix
     ];
 
   modules = {
     system = {
       ssh.enable = true;
+      sops.enable = true;
       docker.enable = true;
       syncthing.enable = true;
       tailscale.enable = true;

modules/system/default.nix

@@ -3,6 +3,7 @@
 {
   imports = [
     ./ssh.nix
+    ./sops.nix
     ./docker.nix
     ./tailscale.nix
     ./syncthing.nix
@@ -10,6 +11,7 @@
   ];
 
   modules.system.ssh.enable = lib.mkDefault true;
+  modules.system.sops.enable = lib.mkDefault true;
   modules.system.docker.enable = lib.mkDefault true;
   modules.system.tailscale.enable = lib.mkDefault true;
   modules.system.syncthing.enable = lib.mkDefault true;