sops: 配置多机器标准密钥流程

hosts/eris/configuration.nix

@@ -9,9 +9,9 @@
     [
       # Include the results of the hardware scan.
       ./hardware-configuration.nix
-      inputs.sops-nix.nixosModules.sops
       ../modules/nix-cache.nix
       ../modules/users/origami.nix
+      ../modules/sops.nix
     ];
 
   boot.loader = {
@@ -150,13 +150,14 @@
   users.users.origami.extraGroups = [ "wheel" "networkmanager" ];
   security.sudo.wheelNeedsPassword = false;
 
-  sops.defaultSopsFile = ../../secrets/ssh-private.yaml;
-  sops.defaultSopsFormat = "yaml";
-  sops.age.keyFile = "/home/origami/.config/sops/age/keys.txt";
-
   # List services that you want to enable:
 
   # Enable the OpenSSH daemon.
   services.openssh.enable = true;
+
+  # 密钥管理: 这是日用机器
+  sops.defaultSopsFile = ../../secrets/ssh-private.yaml;
+  sops.age.keyFile = "/home/origami/.config/sops/age/keys.txt";
+
   system.stateVersion = "23.11";
 }