update secrets, cleanup

hosts/nas/sops.nix

@@ -34,14 +34,14 @@
     restartUnits = [ "podman-nextcloud.service" ];
   };
 
-  sops.secrets."jallen-nas/manyfold/secretkeybase" = {
-    restartUnits = [ "podman-manyfold.service" ];
-  };
-
   sops.templates."nextcloud-smtp".content = ''
     ${config.sops.secrets."jallen-nas/nextcloud/smtppassword".path}
   '';
 
+  sops.secrets."jallen-nas/manyfold/secretkeybase" = {
+    restartUnits = [ "podman-manyfold.service" ];
+  };
+
   sops.secrets."jallen-nas/immich/db-password" = {
     restartUnits = [ "podman-immich-postgres.service" ];
   };
@@ -61,16 +61,27 @@
     restartUnits = [ "podman-immich-server.service" ];
   };
 
-  sops.secrets."jallen-nas/wireguard/private" = {
-    # restartUnits = [ "podman-immich-server.service" ];
+  sops.secrets."jallen-nas/open-webui" = {
+    restartUnits = [ "open-webui.service" ];
   };
 
-  sops.secrets."jallen-nas/wireguard/public" = {
-    # restartUnits = [ "podman-immich-server.service" ];
+  sops.secrets."jallen-nas/paperless/secret" = {
+    restartUnits = [ "container@paperless.service" ];
   };
-
-  sops.templates."wireguard-public".content = ''
-    "${config.sops.placeholder."jallen-nas/wireguard/public"}"
+  sops.templates."paperless-secret".content = ''
+    ${config.sops.secrets."jallen-nas/paperless/secret".path}
+  '';
+  sops.secrets."jallen-nas/paperless/authentik-client-id" = {
+    restartUnits = [ "container@paperless.service" ];
+  };
+  sops.templates."paperless-client-id".content = ''
+    ${config.sops.secrets."jallen-nas/paperless/authentik-client-id".path}
+  '';
+  sops.secrets."jallen-nas/paperless/authentik-client-secret" = {
+    restartUnits = [ "container@paperless.service" ];
+  };
+  sops.templates."paperless-client-secret".content = ''
+    ${config.sops.secrets."jallen-nas/paperless/authentik-client-secret".path}
   '';
 
   # Permission modes are in octal representation (same as chmod),