feat(sops): make secrets optional in homes

nix/homes/aarch64-darwin/sab@mbp16/default.nix

@@ -44,6 +44,12 @@ with lib.custom; {
     };
   };
 
+  sops.secrets = {
+    env_credentials = {
+      sopsFile = lib.snowfall.fs.get-file "secrets/sab/default.yaml";
+      path = "${config.home.homeDirectory}/.ssh/sops-env-credentials";
+    };
+  };
   home.sessionPath = [
     "$HOME/bin"
   ];

nix/homes/x86_64-linux/sab@nz/default.nix

@@ -63,5 +63,12 @@ in {
       };
     };
   };
+
+  sops.secrets = {
+    env_credentials = {
+      sopsFile = lib.snowfall.fs.get-file "secrets/sab/default.yaml";
+      path = "${config.home.homeDirectory}/.ssh/sops-env-credentials";
+    };
+  };
   home.stateVersion = "23.11";
 }

nix/modules/home/security/sops/default.nix

@@ -37,13 +37,6 @@ in {
         sshKeyPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"] ++ cfg.sshKeyPaths;
       };
 
-      # Example secrets
-      secrets = {
-        env_credentials = {
-          sopsFile = lib.snowfall.fs.get-file "secrets/sab/default.yaml";
-          path = "${config.home.homeDirectory}/.ssh/sops-env-credentials";
-        };
-      };
       #   exa_mbp16 = {
       #     sopsFile = lib.snowfall.fs.get-file "secrets/mbp16@sab/default.yaml";
       #     path = "${config.home.homeDirectory}/exa-test.yaml";

nix/modules/nixos/system/security/sops/default.nix

@@ -24,11 +24,5 @@ in {
         keyFile = "${config.users.users.${config.${namespace}.user.name}.home}/.config/sops/age/keys.txt";
       };
     };
-
-    sops.secrets = {
-      "nz_sab_ssh_key" = {
-        sopsFile = lib.snowfall.fs.get-file "secrets/sab/default.yaml";
-      };
-    };
   };
 }