{flake, ...}: let
  inherit
    (flake.config.people)
    user0
    user1
    ;
in {
  sops = {
    defaultSopsFile = ../../secrets/secrets.yaml;
    validateSopsFiles = false;
    age = {
      keyFile = "/var/lib/sops-nix/key.txt";
      generateKey = false;
    };
    secrets = {
      "ssh/private" = {
        path = "/home/${user0}/.ssh/id_ed25519";
        owner = user0;
      };
      "ssh/public" = {
        path = "/home/${user0}/.ssh/id_ed25519.pub";
        owner = user0;
      };
      "network/synology" = {
        path = "/var/lib/secrets/synology";
        owner = "root";
        mode = "600";
      };
      "network/server" = {
        path = "/var/lib/secrets/server";
        owner = "root";
        mode = "600";
      };
      "network/${user1}" = {
        path = "/var/lib/secrets/${user1}";
        owner = "root";
        mode = "600";
      };
    };
  };
}