nixos/hosts/freun-dev/secrets.nix

{ lib, config, ... }:
{
  age.secrets = lib.listToAttrs
    (
      map (secret: { name = secret; value = { file = ../../secrets/${secret}.age; }; }) [
        "gotosocial"
        "immich"
        "readeck"
        "storage-box-credentials"
        "vaultwarden"
        "donetick"
        "dnote"
        "octodns"
        "mealie"
      ]
    ) // {
    smtp-password = {
      file = ../../secrets/smtp-password.age;
      owner =
        if (config.services.grafana.enable) then
          config.systemd.services.grafana.serviceConfig.User
        else
          "root";
    };
    hastebin-tokens = {
      file = ../../secrets/hastebin-tokens.age;
      owner =
        if (config.services.hastebin.enable) then
          config.users.users.hastebin.name
        else
          "root";
    };
  };
}