Refactor user configuration

2026-01-21 12:51:34 +01:00 · 2025-08-17 16:25:41 +02:00 · 2025-08-17 16:25:41 +02:00 · 9ecc4cf9ea
commit 9ecc4cf9ea
parent 4785c99ea4
15 changed files with 72 additions and 75 deletions
--- a/flake/hosts.nix
+++ b/flake/hosts.nix
@ -15,12 +15,21 @@ let
            "${self}/hosts/${hostName}"
            |> lib.filesystem.listFilesRecursive
            |> lib.filter (lib.hasSuffix ".nix");
          userFiles =
            "${self}/users"
            |> builtins.readDir
            |> lib.filterAttrs (_: type: type == "directory")
            |> builtins.attrNames
            |> map (user: "${self}/users/${user}/@${hostName}")
            |> builtins.filter (path: builtins.pathExists path);
        in
        [
          { networking = { inherit hostName; }; }
          "${self}/hosts/shared.nix"
        ]
-        ++ hostFiles;
+        ++ hostFiles
        ++ userFiles;
    };
  mkDeployNode = hostname: {
--- a/hosts/desktop/default.nix
+++ b/hosts/desktop/default.nix
@ -8,15 +8,11 @@
      enable = true;
      agePublicKey = "age18x6herevmcuhcmeh47ll6p9ck9zk4ga6gfxwlc8yl49rwjxm7qusylwfgc";
    };
    boot = {
      loader.systemd-boot.enable = true;
      silent = true;
    };
    users.seb = {
      enable = true;
      zsh.enable = true;
      homeManager.enable = true;
    };
    dm.tuigreet = {
      enable = true;
--- a/hosts/laptop/default.nix
+++ b/hosts/laptop/default.nix
@ -8,15 +8,11 @@
      enable = true;
      agePublicKey = "age1sywwrwse76x8yskrsfpwk38fu2cmyx5s9qkf2pgc68cta0vj9psql7dp6e";
    };
    boot = {
      loader.systemd-boot.enable = true;
      silent = true;
    };
    users.seb = {
      enable = true;
      zsh.enable = true;
      homeManager.enable = true;
    };
    dm.tuigreet = {
      enable = true;
--- a/hosts/srv-external/default.nix
+++ b/hosts/srv-external/default.nix
@ -12,8 +12,8 @@
      enable = true;
      agePublicKey = "age1dnpwfwh0h95r63e5qfjc2gvffw2tr2tx4new7sq2h3qs90kx9fmq322mx4";
    };
    boot.loader.grub.enable = true;
    users.seb.enable = true;
    services = {
      resolved.enable = true;
--- a/hosts/srv-internal/default.nix
+++ b/hosts/srv-internal/default.nix
@ -12,8 +12,8 @@
      enable = true;
      agePublicKey = "age1qz04yg4h4g22wxqca2pd5k0z574223f6m5c9jy5ny37nlgcd6u4styf06t";
    };
    boot.loader.systemd-boot.enable = true;
    users.seb.enable = true;
    services = {
      resolved.enable = true;
--- a/hosts/srv-monitor/default.nix
+++ b/hosts/srv-monitor/default.nix
@ -17,8 +17,8 @@
      enable = true;
      agePublicKey = "age1dnru7l0agvnw3t9kmx60u4vh5u4tyd49xdve53zspxkznnp9f34qtec9dl";
    };
    boot.loader.grub.enable = true;
    users.seb.enable = true;
    services = {
      resolved.enable = true;
--- a/modules/system/users/seb.nix
+++ b/modules/system/users/seb.nix
@ -1,61 +0,0 @@
 {
  config,
  inputs,
  self,
  pkgs,
  pkgs-unstable,
  lib,
  ...
 }:
 let
  cfg = config.custom.users.seb;
 in
 {
  imports = [ inputs.home-manager.nixosModules.home-manager ];
  options.custom.users.seb = {
    enable = lib.mkEnableOption "";
    zsh.enable = lib.mkEnableOption "";
    homeManager = {
      enable = lib.mkEnableOption "";
      configPaths = lib.mkOption {
        type = lib.types.listOf lib.types.path;
        default = [
          "${self}/users/shared-home.nix"
          "${self}/users/seb/home.nix"
          "${self}/users/seb/@${config.networking.hostName}/home.nix"
        ];
      };
    };
  };
  config = lib.mkIf cfg.enable (
    lib.mkMerge [
      {
        sops.secrets."seb-password".neededForUsers = true;
        users.users.seb = {
          isNormalUser = true;
          description = "Sebastian Stork";
          hashedPasswordFile = config.sops.secrets."seb-password".path;
          extraGroups = [ "wheel" ];
          shell = lib.mkIf cfg.zsh.enable pkgs.zsh;
        };
        programs.zsh.enable = lib.mkIf cfg.zsh.enable true;
      }
      (lib.mkIf cfg.homeManager.enable {
        home-manager = {
          useGlobalPkgs = true;
          useUserPackages = true;
          extraSpecialArgs = {
            inherit inputs self pkgs-unstable;
          };
          users.seb.imports = cfg.homeManager.configPaths;
        };
      })
    ]
  );
 }
--- a/users/home-manager.nix
+++ b/users/home-manager.nix
@ -0,0 +1,17 @@
 {
  inputs,
  self,
  pkgs-unstable,
  ...
 }:
 {
  imports = [ inputs.home-manager.nixosModules.home-manager ];
  home-manager = {
    useGlobalPkgs = true;
    useUserPackages = true;
    extraSpecialArgs = {
      inherit inputs self pkgs-unstable;
    };
  };
 }
--- a/users/seb/@desktop/default.nix
+++ b/users/seb/@desktop/default.nix
@ -0,0 +1,12 @@
 { self, pkgs, ... }:
 {
  imports = [
    ../user.nix
    "${self}/users/home-manager.nix"
  ];
  users.users.seb.shell = pkgs.zsh;
  programs.zsh.enable = true;
  home-manager.users.seb = ./home.nix;
 }
--- a/users/seb/@laptop/default.nix
+++ b/users/seb/@laptop/default.nix
@ -0,0 +1,12 @@
 { self, pkgs, ... }:
 {
  imports = [
    ../user.nix
    "${self}/users/home-manager.nix"
  ];
  users.users.seb.shell = pkgs.zsh;
  programs.zsh.enable = true;
  home-manager.users.seb = ./home.nix;
 }
--- a/users/seb/@srv-external/default.nix
+++ b/users/seb/@srv-external/default.nix
@ -0,0 +1 @@
 _: { imports = [ ../user.nix ]; }
--- a/users/seb/@srv-internal/default.nix
+++ b/users/seb/@srv-internal/default.nix
@ -0,0 +1 @@
 _: { imports = [ ../user.nix ]; }
--- a/users/seb/@srv-monitor/default.nix
+++ b/users/seb/@srv-monitor/default.nix
@ -0,0 +1 @@
 _: { imports = [ ../user.nix ]; }
--- a/users/seb/home.nix
+++ b/users/seb/home.nix
@ -1,5 +1,7 @@
 { pkgs, ... }:
 {
  imports = [ ../shared-home.nix ];
  home.sessionVariables.NH_FLAKE = "~/Projects/nixos-config";
  custom = {
--- a/users/seb/user.nix
+++ b/users/seb/user.nix
@ -0,0 +1,11 @@
 { config, ... }:
 {
  sops.secrets."seb-password".neededForUsers = true;
  users.users.seb = {
    isNormalUser = true;
    description = "Sebastian Stork";
    hashedPasswordFile = config.sops.secrets."seb-password".path;
    extraGroups = [ "wheel" ];
  };
 }