vars: fix using vars module with multiple machines

This filters the secrets to only include the secrets managed under `per-machine` and `shared`,
otherwise new deployments will fail, when using the vars module for multiple machines:

```
[vyr] /nix/store/[…]sops-install-secrets: failed to decrypt '/nix/store/[…]/sops/vars/per-machine/draper/garage/admin_token/secret': Error getting data key: 0 successful groups required, got 0
```

This doesn't fix all the edge cases with this approach.
We get a similar error if we deploy shared vars that are not
encrypted for our machine key. This needs to be addressed when
implementing the shared vars functionality.
a-kenji
2024-08-14 23:10:15 +02:00
committed by kenji
parent ab5425e1f3
commit 6130505177

@@ -13,7 +13,14 @@ let
varsDirMachines = config.clan.core.clanDir + "/sops/vars/per-machine"; varsDirMachines = config.clan.core.clanDir + "/sops/vars/per-machine";
varsDirShared = config.clan.core.clanDir + "/sops/vars/shared"; varsDirShared = config.clan.core.clanDir + "/sops/vars/shared";
vars = (listVars varsDirMachines) ++ (listVars varsDirShared); varsUnfiltered = (listVars varsDirMachines) ++ (listVars varsDirShared);
filterVars =
vars:
builtins.elem vars.machine [
config.clan.core.machineName
"shared"
];
vars = lib.filter filterVars varsUnfiltered;
in in
{ {
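Review bot: The argument of `filterVars` is named `vars`, the same name as the let binding defined right after it (`vars = lib.filter filterVars varsUnfiltered;`), so inside the lambda `vars.machine` refers to a single entry while everywhere else `vars` is the filtered list. Renaming the argument to `var` (`var: builtins.elem var.machine [ ... ]`) would remove the shadowing and make the predicate easier to read. The literal `"shared"` also works as a sentinel next to `config.clan.core.machineName`, and every entry carrying it passes the filter whether or not it is encrypted for this machine's key, which is the remaining failure case the commit message describes; a short comment or TODO beside the list would keep that limitation visible in the code rather than only in the commit log.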