refactor(modules): reduce host repetition

modules/_lib/secrets.nix

@@ -0,0 +1,44 @@
+{lib}: let
+	local = import ./local.nix;
+in rec {
+	mkBinarySecret = {
+		name,
+		sopsFile,
+		owner ? null,
+		group ? null,
+		path ? local.secretPath name,
+	}:
+		{
+			inherit path sopsFile;
+			format = "binary";
+		}
+		// lib.optionalAttrs (owner != null) {
+			inherit owner;
+		}
+		// lib.optionalAttrs (group != null) {
+			inherit group;
+		};
+
+	mkUserBinarySecret = {
+		name,
+		sopsFile,
+		owner ? local.user.name,
+		path ? local.secretPath name,
+	}:
+		mkBinarySecret {
+			inherit name owner path sopsFile;
+		};
+
+	mkServiceBinarySecret = {
+		name,
+		sopsFile,
+		serviceUser,
+		serviceGroup ? serviceUser,
+		path ? local.secretPath name,
+	}:
+		mkBinarySecret {
+			inherit name path sopsFile;
+			group = serviceGroup;
+			owner = serviceUser;
+		};
+}