secrets: ignore roaming keys for secrets

secrets/secrets.nix

@@ -1,6 +1,10 @@
 with builtins;
 let
   flatten = x: if isList x then concatMap (y: flatten y) x else [ x ];
+  hasPrefix = pref: str: (substring 0 (stringLength pref) str == pref);
+  isValidKey = key: all (keyPrefix: !(hasPrefix keyPrefix key)) [
+    "sk-ssh-ed25519"
+  ];
 
   systems = {
     Infini-DESKTOP = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7uX1myj9ghv7wMoL038oGDCdScdyLd7RvYdnoioSBh root@Infini-DESKTOP";
@@ -13,10 +17,10 @@ let
     infinidoge = import ../users/infinidoge/ssh-keys.nix;
     root = import ../users/root/ssh-keys.nix;
   };
-  allKeys = flatten [
+  allKeys = filter isValidKey (flatten [
     (attrValues systems)
     (attrValues users)
-  ];
+  ]);
 in
 {
   "infinidoge-password.age".publicKeys = allKeys;