It is possible to performI recommend using the same salt $S$ for the same password $P$ in multiple encryptions, and a single Argon2id forpassword-to-key derivation of the$(P,S)$ into a single AES-GCM key with a$K$. That's best, because it allows to use higher cost parameters in Argon2id (e.g. that of the question's single salt identicalkey approach). That's safe, as long as a fresh and unique AES nonce $N_i$ is used for the AES-GCM encryption each file encrypted.
Each independently decipherable ciphertext file should contain (e.g. at start) the Argon2id parameters, using$S$, and $N_i$, in order to allow decryption. Decryption can cache the same key for all files;last $K$, and usereuse it when the inputs $(P,S)$ and parameters are unchanged in the next file.
Possible improvement: if it's wanted a second salt, unique to eachkey $K_i$ per file, for AES-GCM itselfthat can be done by a secondary fast key derivation of $(K,N_i)$. The drawbacks areThat can be Argon2id with input and the lightest parameters possible $(p=1, m=8, t=1)$. This also limits to almost nothing the consequence of a repeated $N_i$ or counter overlap.
- Each file header must contain the two salts
- A failure of the salt generator (causing duplicated salts) has worse consequences.
- There is one more salt to generate
If no trusted CSPRNG is available to generate the $N_i$, that can be done by another secondary key derivation function, e.g. as Argon2id with input $(K,i)$ and the lightest different parameters possible, e.g. $(p=1, m=8, t=1, X=\mathtt{'N'})$