[#5] adding sops support

.sops.yaml

@@ -0,0 +1,16 @@
+keys:
+  - &nerf age1rasjnr2tlv9y70sj0z0hwpgpxdc974wzg5umtx2pnc6z0p05u3js6r8sln
+
+  - &nyarlathotep age1s99d0vlj5qlm287n98jratql5fypvjrxxal0k5jl2aw9dcc8kyvqw5yyt4
+
+creation_rules:
+  - path_regex nixos/machines/nyarlathotep/.*
+    key_groups:
+      - age:
+          *nerf
+          *nyarlathotep
+  # this is the catchall clause if nothing above machtes. Encrypt to users but not
+  # to machines
+  - key_groups:
+      - age:
+          *nerf