Add tools.secrets option

common/default.nix

@@ -0,0 +1,11 @@
+{ pkgs, lib, config, ... }:
+with lib;
+{
+  options.tools.secrets = {
+    enable = mkEnableOption "Enable secret-management tools";
+  };
+  
+  config = mkIf config.tools.secrets.enable {
+    environment.systemPackages = [ pkgs.git-crypt ];
+  };
+}

flake.nix

@@ -12,12 +12,18 @@
     nixosConfigurations = {
       marauder = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
-        modules = [ ./marauder ];
+        modules = [
+          ./marauder
+          ./common
+        ];
         specialArgs = { inherit inputs secrets; };
       };
       monolith = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
-        modules = [ ./monolith ];
+        modules = [
+          ./monolith
+          ./common
+        ];
         specialArgs = { inherit inputs secrets; };
       };
     };

marauder/default.nix

@@ -65,6 +65,10 @@
 
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
 
+  tools.secrets = {
+    enable = true;
+  };
+
   environment.systemPackages = with pkgs; [
     # Chat clients
     discord
@@ -87,9 +91,6 @@
 
     # Productivity
     obsidian
-
-    # Utilities
-    git-crypt
   ];
 
   programs.git = {

monolith/default.nix

@@ -37,6 +37,10 @@
 
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
 
+  tools.secrets = {
+    enable = true;
+  };
+
   programs.git = {
     enable = true;
     lfs.enable = true;