diff --git a/nixosModules/clanCore/secrets/default.nix b/nixosModules/clanCore/secrets/default.nix
index 99c3a94f..a7ed7836 100644
--- a/nixosModules/clanCore/secrets/default.nix
+++ b/nixosModules/clanCore/secrets/default.nix
@@ -92,14 +92,42 @@
               config' = config;
             in
             lib.mkOption {
-              type = lib.types.attrsOf (lib.types.submodule ({ config, ... }: {
+              type = lib.types.attrsOf (lib.types.submodule ({ config, name, ... }: {
                 options = {
                   name = lib.mkOption {
                     type = lib.types.str;
                     description = ''
                       name of the secret
                     '';
-                    default = config._module.args.name;
+                    default = name;
+                  };
+                  interactive = lib.mkOption {
+                    type = lib.types.submodule ({ config, ... }: {
+                      options = {
+                        path = lib.mkOption {
+                          type = lib.types.listOf (lib.types.either lib.types.path lib.types.package);
+                          default = [ ];
+                          description = ''
+                            Extra paths to add to the PATH environment variable when running the generator.
+                          '';
+                        };
+                        script =  lib.mkOption {
+                          type = lib.types.nullOr lib.types.str;
+                          default = null;
+                          description = ''
+                            If this script is set, the secret generator will show the prompt generated by this script
+                            and pass the result to post.
+                          '';
+                        };
+                        post =  lib.mkOption {
+                          type = lib.types.str;
+                          default = "cat";
+                          description = ''
+                            this script takes the output of script as the input and the output is saved to the secret.
+                          '';
+                        };
+                      };
+                    });
                   };
                   path = lib.mkOption {
                     type = lib.types.str;
@@ -133,6 +161,34 @@
                   '';
                   default = fact.config._module.args.name;
                 };
+                interactive = lib.mkOption {
+                  type = lib.types.submodule ({ config, ... }: {
+                    options = {
+                      path = lib.mkOption {
+                        type = lib.types.listOf (lib.types.either lib.types.path lib.types.package);
+                        default = [ ];
+                        description = ''
+                          Extra paths to add to the PATH environment variable when running the generator.
+                        '';
+                      };
+                      script =  lib.mkOption {
+                        type = lib.types.nullOr lib.types.str;
+                        default = null;
+                        description = ''
+                          If this script is set, the secret generator will show the prompt generated by this script
+                          and pass the result to post.
+                        '';
+                      };
+                      post =  lib.mkOption {
+                        type = lib.types.str;
+                        default = "cat";
+                        description = ''
+                          this script takes the output of script as the input and the output is saved to the secret.
+                        '';
+                      };
+                    };
+                  });
+                };
                 path = lib.mkOption {
                   type = lib.types.str;
                   description = ''