Manage users with the option system

2026-01-21 12:51:34 +01:00 · 2025-06-13 16:21:42 +02:00 · 2025-06-13 16:21:42 +02:00 · d7070b6fb5
commit d7070b6fb5
parent 9386dc29d7
15 changed files with 79 additions and 71 deletions
--- a/flake/hosts.nix
+++ b/flake/hosts.nix
@ -14,19 +14,11 @@ let
            "${self}/hosts/${hostName}"
            |> lib.filesystem.listFilesRecursive
            |> builtins.filter (lib.hasSuffix ".nix");
-          userFiles =
-            "${self}/users"
-            |> builtins.readDir
-            |> lib.filterAttrs (_: type: type == "directory")
-            |> builtins.attrNames
-            |> map (user: "${self}/users/${user}/@${hostName}")
-            |> builtins.filter (path: builtins.pathExists path);
        in
        lib.flatten [
          { networking = { inherit hostName; }; }
          "${self}/hosts/shared.nix"
          hostFiles
-          userFiles
        ];
    };
  };
--- a/hosts/alto/default.nix
+++ b/hosts/alto/default.nix
@ -6,6 +6,8 @@
    sops.enable = true;
    boot.loader.systemdBoot.enable = true;

+    users.seb.enable = true;
+
    services = {
      tailscale = {
        enable = true;
--- a/hosts/cirrus/default.nix
+++ b/hosts/cirrus/default.nix
@ -6,6 +6,8 @@
    sops.enable = true;
    boot.loader.grub.enable = true;

+    users.seb.enable = true;
+
    services = {
      tailscale = {
        enable = true;
--- a/hosts/cumulus/default.nix
+++ b/hosts/cumulus/default.nix
@ -6,6 +6,8 @@
    sops.enable = true;
    boot.loader.grub.enable = true;

+    users.seb.enable = true;
+
    services = {
      tailscale = {
        enable = true;
--- a/hosts/fern/default.nix
+++ b/hosts/fern/default.nix
@ -10,6 +10,12 @@
      silent = true;
    };

+    users.seb = {
+      enable = true;
+      zsh.enable = true;
+      homeManager.enable = true;
+    };
+
    dm.tuigreet.enable = true;
    de.hyprland.enable = true;

--- a/hosts/north/default.nix
+++ b/hosts/north/default.nix
@ -10,6 +10,12 @@
      silent = true;
    };

+    users.seb = {
+      enable = true;
+      zsh.enable = true;
+      homeManager.enable = true;
+    };
+
    dm.tuigreet.enable = true;
    de.hyprland.enable = true;

--- a/modules/system/users/seb.nix
+++ b/modules/system/users/seb.nix
@ -0,0 +1,61 @@
+{
+  config,
+  self,
+  inputs,
+  pkgs,
+  pkgs-unstable,
+  lib,
+  ...
+}:
+let
+  cfg = config.custom.users.seb;
+in
+{
+  imports = [ inputs.home-manager.nixosModules.home-manager ];
+
+  options.custom.users.seb = {
+    enable = lib.mkEnableOption "";
+    zsh.enable = lib.mkEnableOption "";
+    homeManager = {
+      enable = lib.mkEnableOption "";
+      configPath = lib.mkOption {
+        type = lib.types.listOf lib.types.path;
+        default = [
+          "${self}/users/shared-home.nix"
+          "${self}/users/seb/home.nix"
+          "${self}/users/seb/@${config.networking.hostName}/home.nix"
+        ];
+      };
+    };
+  };
+
+  config = lib.mkIf cfg.enable (
+    lib.mkMerge [
+      {
+        sops.secrets."seb-password".neededForUsers = true;
+
+        users.users.seb = {
+          isNormalUser = true;
+          description = "Sebastian Stork";
+          hashedPasswordFile = config.sops.secrets."seb-password".path;
+          extraGroups = [ "wheel" ];
+          shell = lib.mkIf cfg.zsh.enable pkgs.zsh;
+        };
+
+        programs.zsh.enable = lib.mkIf cfg.zsh.enable true;
+      }
+
+      (lib.mkIf cfg.homeManager.enable {
+        home-manager = {
+          useGlobalPkgs = true;
+          useUserPackages = true;
+          extraSpecialArgs = {
+            inherit inputs self pkgs-unstable;
+          };
+
+          users.seb.imports = cfg.homeManager.configPath;
+        };
+      })
+    ]
+  );
+}
--- a/users/home-manager.nix
+++ b/users/home-manager.nix
@ -1,17 +0,0 @@
-{
-  inputs,
-  self,
-  pkgs-unstable,
-  ...
-}:
-{
-  imports = [ inputs.home-manager.nixosModules.home-manager ];
-
-  home-manager = {
-    useGlobalPkgs = true;
-    useUserPackages = true;
-    extraSpecialArgs = {
-      inherit inputs self pkgs-unstable;
-    };
-  };
-}
--- a/users/seb/@alto/default.nix
+++ b/users/seb/@alto/default.nix
@ -1,3 +0,0 @@
-_: {
-  imports = [ ../user.nix ];
-}
--- a/users/seb/@cirrus/default.nix
+++ b/users/seb/@cirrus/default.nix
@ -1,3 +0,0 @@
-_: {
-  imports = [ ../user.nix ];
-}
--- a/users/seb/@cumulus/default.nix
+++ b/users/seb/@cumulus/default.nix
@ -1,3 +0,0 @@
-_: {
-  imports = [ ../user.nix ];
-}
--- a/users/seb/@fern/default.nix
+++ b/users/seb/@fern/default.nix
@ -1,12 +0,0 @@
-{ pkgs, ... }:
-{
-  imports = [
-    ../../home-manager.nix
-    ../user.nix
-  ];
-
-  users.users.seb.shell = pkgs.zsh;
-  programs.zsh.enable = true;
-
-  home-manager.users.seb = ./home.nix;
-}
--- a/users/seb/@north/default.nix
+++ b/users/seb/@north/default.nix
@ -1,12 +0,0 @@
-{ pkgs, ... }:
-{
-  imports = [
-    ../../home-manager.nix
-    ../user.nix
-  ];
-
-  users.users.seb.shell = pkgs.zsh;
-  programs.zsh.enable = true;
-
-  home-manager.users.seb = ./home.nix;
-}
--- a/users/seb/home.nix
+++ b/users/seb/home.nix
@ -19,8 +19,6 @@ let
    };
 in
 {
-  imports = [ ../shared-home.nix ];
-
  home.sessionVariables.NH_FLAKE = "~/Projects/nixos-config";

  custom = {
--- a/users/seb/user.nix
+++ b/users/seb/user.nix
@ -1,11 +0,0 @@
-{ config, ... }:
-{
-  sops.secrets."seb-password".neededForUsers = true;
-
-  users.users.seb = {
-    isNormalUser = true;
-    description = "Sebastian Stork";
-    hashedPasswordFile = config.sops.secrets."seb-password".path;
-    extraGroups = [ "wheel" ];
-  };
-}