add(README): migrated SOPS documentation to secrets/

secrets/README.md

@@ -0,0 +1,51 @@
+# How to Use SOPS
+SOPS is an important aspect of this operating system. Learning to use it is important for security and modularity. It is **important** that you do not lose the `private key`, as it is irrecoverable.
+
+To get started, follow the instructions below.
+1. Create a folder.
+```sh
+mkdir -p ~/.config/sops/age
+```
+2. Generate a private key using `age`
+```sh
+nix-shell -p age --run "age-keygen -o ~/.config/sops/age/keys.txt"
+```
+**...OR**
+Use `ssh-to-age` to convert `id_ed22519` to `age`.
+```sh
+nix-shell -p ssh-to-age --run "ssh-to-age -private-key -i ~/.ssh/id_ed25519 > ~/.config/sops/age/keys.txt"
+```
+There are other ways of generating a private key. Refer to [sops-nix](https://github.com/Mic92/sops-nix).
+
+3. Get a **public key**.
+```sh
+nix-shell -p age --run "age-keygen -y ~/.config/sops/age/keys.txt"
+```
+4. On the same directory as `flake.nix`, create `.sops.yaml` and paste the following below.
+```yaml
+# This example uses YAML anchors which allows reuse of multiple keys 
+# without having to repeat yourself.
+# Also see https://github.com/Mic92/dotfiles/blob/d6114726d859df36ccaa32891c4963ae5717ef7f/nixos/.sops.yaml
+# for a more complex example.
+keys:
+  - &admin_alice 2504791468b153b8a3963cc97ba53d1919c5dfd4
+  - &admin_bob age12zlz6lvcdk6eqaewfylg35w0syh58sm7gh53q5vvn7hd7c6nngyseftjxl
+creation_rules:
+  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
+    key_groups:
+    - pgp:
+      - *admin_alice
+      age:
+      - *admin_bob
+
+```
+Replace as according to your needs.
+
+5. Create a sops `.yaml` file.
+```sh
+nix-shell -p sops --run "sops secrets/example.yaml"
+```
+NOTE: If you add a new host to your `.sops.yaml`, you will need to update the keys for all secrets.
+```sh
+nix-shell -p sops --run "sops updatekeys secrets/example.yaml"
+```