update file pattern for sops secrets pre-commit

.pre-commit-config.yaml

@@ -36,3 +36,4 @@ repos:
       - id: sops-encryption
         # Uncomment to exclude all markdown files from encryption
         # exclude: *.\.md
+        files: .*secrets.*

nixos/modules/nixos/system/incus/default.nix

@@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+{
+  sops.secrets.secret-domain-0 = {
+    sopsFile = ./secret.sops.yaml;
+  };
+
+  users.users.jahanson.extraGroups = [ "incus-admin" ];
+
+  virtualisation.incus = {
+    enable = true;
+    ui.enable = true;
+  };
+
+
+  # systemd.services.incus-preseed.postStart = "${oidcSetup}";
+
+  networking = {
+    nftables.enable = true;
+    firewall = {
+      allowedTCPPorts = [
+        8443
+        53
+        67
+      ];
+      allowedUDPPorts = [
+        53
+        67
+      ];
+    };
+  };
+}