{ pkgs, config, lib, inputs, ... }:

{
  imports = [ inputs.sops-nix.nixosModules.sops ];

  options = {
    modules.system.sops.enable = lib.mkEnableOption "enables ssh";
  };

  config = lib.mkIf config.modules.system.sops.enable {
    # enable and configure sops for secrets
    sops.defaultSopsFile = ../../secrets/secrets.yaml;
    sops.defaultSopsFormat = "yaml";
  
    sops.age.keyFile = "/home/blake/.config/sops/age/keys.txt";

    sops.secrets.example-key = { };
    sops.secrets."tailscale_authkey" = {
      owner = "root";
    };
  };
}