feat: migrate all containers and hosts to sops

nix/os/devices/sj-vps-htz0: bump versions
nix/os/devices/elias-e525: bump versions
nix/os/devices/steveej-t14: bump versions
nix/os/devices/justyna-p300: bump versions

nix/os/devices/justyna-p300/user.nix

@@ -3,19 +3,30 @@
   pkgs,
   ...
 }: let
-  passwords = import ../../../variables/passwords.crypt.nix;
   keys = import ../../../variables/keys.nix;
-  inherit (import ../../lib/default.nix {inherit (pkgs) lib;}) mkUser;
+  inherit (pkgs.callPackage ../../lib/default.nix {}) mkUser;
 in {
+  sops.secrets.sharedUsers-elias = {
+    sopsFile = ../../../../secrets/shared-users.yaml;
+    neededForUsers = true;
+    format = "yaml";
+  };
+
+  sops.secrets.sharedUsers-justyna = {
+    sopsFile = ../../../../secrets/shared-users.yaml;
+    neededForUsers = true;
+    format = "yaml";
+  };
+
   users.extraUsers.elias = mkUser {
     uid = 1001;
     openssh.authorizedKeys.keys = keys.users.steveej.openssh;
-    hashedPassword = passwords.users.elias;
+    passwordFile = config.sops.secrets.sharedUsers-elias.path;
   };
 
   users.extraUsers.justyna = mkUser {
     uid = 1002;
     openssh.authorizedKeys.keys = keys.users.steveej.openssh;
-    hashedPassword = passwords.users.justyna;
+    passwordFile = config.sops.secrets.sharedUsers-justyna.path;
   };
 }