introduce sops to the config to be able to use encrypted tokens and passwords, also use these in factorio

modules/nixos/apps/factorio-server/default.nix

@@ -17,25 +17,40 @@ in
 
   config = mkIf cfg.enable {
     environment.systemPackages = with pkgs; [ factorio-headless ];
+    sops = {
+      secrets = {
+        factorio_token = { restartUnits = ["factorio.service"]; };
+        factorio_username = { restartUnits = ["factorio.service"]; };
+        factorio_game_password = { restartUnits = ["factorio.service"]; };
+      };
+      templates."extraSettingsFile.json".content = ''
+        {
+          "name": "Alles Nix!",
+          "description": "Trying to run a factorio-headless-server on my nix system",
+          "tags": ["vanilla"],
+          "max_players": 10,
+          "game_password": "${config.sops.placeholder.factorio_game_password}",
+          "allow_commands": "admins-only",
+          "autosave_slots": 5,
+          "ignore_player_limit_for_returning_players": true,
+          "username" : "${config.sops.placeholder.factorio_username}",
+          "admins": ["${config.sops.placeholder.factorio_username}"],
+          "token": "${config.sops.placeholder.factorio_token}"
+        }
+      '';
+      templates."extraSettingsFile.json".mode = "0444";
+    };
 
     services.factorio = {
       enable = true;
       openFirewall = true;
       public = true;
       lan = true;
-      admins = [
-        "DaHolli"
-        "Galbrain"
-      ];
       nonBlockingSaving = true;
       autosave-interval = 5;
       loadLatestSave = true;
-      username = "DaHolli";
-      token = "4d4624ca9a23396e1955c1b4b364ff";
-      game-name = "Alles Nix!";
-      game-password = "1234";
-      saveName = "Vanilla";
       bind = "192.168.178.34";
+      extraSettingsFile = config.sops.templates."extraSettingsFile.json".path;
     };
   };
 }