fix remote build

system/default.nix

@@ -1,4 +1,4 @@
-{ config, lib, nixpkgs, ... }: {
+{ config, lib, pkgs, nixpkgs, ... }: {
 
     imports = [ 
         ./services
@@ -65,13 +65,25 @@
             createHome = false;
         };
 
+        sops.secrets = let 
+            machines = builtins.readDir ../machines;
+        in lib.mkIf config.sops.remoteBuildHost (builtins.listToAttrs 
+            (builtins.map 
+                (x: { name = "remoteBuildClientKeys/${x}"; value = { sopsFile = ./secrets.yaml; }; }) 
+                (builtins.filter 
+                    (x: machines.${x} == "directory" && (import ../machines/${x} { config = {}; inputs = {}; inherit lib pkgs; }).config.sysconfig.remoteBuildClient) 
+                    machines
+                )
+            )
+        );
+
         sops.templates."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
             content = builtins.concatStringsSep ''''\n'' (builtins.map 
                     (y: config.sops.placeholder.${y}) 
-                    (builtins.partition 
+                    (builtins.filter 
                      (x: (builtins.match "^remoteBuildClientKeys/.+" x) != null) 
                      (builtins.attrNames config.sops.secrets)
-                    ).right
+                    )
                     );
             path = "/etc/ssh/authorized_keys.d/remote-builder";
             owner = "remote-builder";