diff --git a/default.nix b/default.nix index 23e81ac..a724549 100644 --- a/default.nix +++ b/default.nix @@ -66,14 +66,15 @@ in sops = { age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - secrets = { - xin_secrets_deploy_key = { - sopsFile = config.xin-secrets.deploy; - owner = "root"; - group = "wheel"; - mode = "400"; - }; - }; + secrets = + if config.needsDeploy.enable then { + xin_secrets_deploy_key = { + sopsFile = config.xin-secrets.deploy; + owner = "root"; + group = "wheel"; + mode = "400"; + }; + } else { }; };