Feat(treewide): Add enable options for secrets and impermanence

1 files changed, 26 insertions, 20 deletions

diff --git a/secrets/default.nix b/secrets/default.nix
index 1807fb8d..d1fc1714 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -1,25 +1,31 @@
-{config, ...}: let
+{
+  config,
+  lib,
+  ...
+}: let
   name = config.networking.hostName;
 in {
-  age = {
-    secrets = {
-      nheko = {
-        file = ./nheko/conf. + name;
-        mode = "700";
-        owner = "soispha";
-        group = "users";
-      };
-      serverphoneCa = {
-        file = ./serverphone/ca.key;
-        mode = "700";
-        owner = "serverphone";
-        group = "serverphone";
-      };
-      serverphoneServer = {
-        file = ./serverphone/server.key;
-        mode = "700";
-        owner = "serverphone";
-        group = "serverphone";
+  config = lib.mkIf config.soispha.secrets.enable {
+    age = {
+      secrets = {
+        nheko = {
+          file = ./nheko/conf. + name;
+          mode = "700";
+          owner = "soispha";
+          group = "users";
+        };
+        serverphoneCa = {
+          file = ./serverphone/ca.key;
+          mode = "700";
+          owner = "serverphone";
+          group = "serverphone";
+        };
+        serverphoneServer = {
+          file = ./serverphone/server.key;
+          mode = "700";
+          owner = "serverphone";
+          group = "serverphone";
+        };
       };
     };
   };