{
  config,
  lib,
  pkgs,
  namespace,
  ...
}:
let
  inherit (lib.${namespace}.module) mkModule mkOpt;
in
mkModule {
  name = "sops";
  description = "SOPS secret management for home-manager";
  options = {
    defaultSopsFile = mkOpt lib.types.path null "Default sops file.";

    sshKeyPaths = mkOpt (lib.types.listOf lib.types.str) [ ] "SSH Key paths to use.";
  };
  config = {
    home.packages = with pkgs; [
      age
      sops
      ssh-to-age
    ];

    sops = {
      inherit (config.${namespace}.sops) defaultSopsFile;
      defaultSopsFormat = "yaml";

      age = {
        generateKey = true;
        keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
        sshKeyPaths = [
          "${config.home.homeDirectory}/.ssh/id_ed25519"
        ]
        ++ config.${namespace}.sops.sshKeyPaths;
      };
    };
  };
}