Manage users with the option system

2026-01-21 14:01:34 +01:00 · 2025-06-13 16:21:42 +02:00 · 2025-06-13 16:21:42 +02:00 · d7070b6fb5
commit d7070b6fb5
parent 9386dc29d7
15 changed files with 79 additions and 71 deletions
--- a/flake/hosts.nix
+++ b/flake/hosts.nix
@ -14,19 +14,11 @@ let
            "${self}/hosts/${hostName}"
            |> lib.filesystem.listFilesRecursive
            |> builtins.filter (lib.hasSuffix ".nix");
          userFiles =
            "${self}/users"
            |> builtins.readDir
            |> lib.filterAttrs (_: type: type == "directory")
            |> builtins.attrNames
            |> map (user: "${self}/users/${user}/@${hostName}")
            |> builtins.filter (path: builtins.pathExists path);
        in
        lib.flatten [
          { networking = { inherit hostName; }; }
          "${self}/hosts/shared.nix"
          hostFiles
          userFiles
        ];
    };
  };
--- a/hosts/alto/default.nix
+++ b/hosts/alto/default.nix
@ -6,6 +6,8 @@
    sops.enable = true;
    boot.loader.systemdBoot.enable = true;
    users.seb.enable = true;
    services = {
      tailscale = {
        enable = true;
--- a/hosts/cirrus/default.nix
+++ b/hosts/cirrus/default.nix
@ -6,6 +6,8 @@
    sops.enable = true;
    boot.loader.grub.enable = true;
    users.seb.enable = true;
    services = {
      tailscale = {
        enable = true;
--- a/hosts/cumulus/default.nix
+++ b/hosts/cumulus/default.nix
@ -6,6 +6,8 @@
    sops.enable = true;
    boot.loader.grub.enable = true;
    users.seb.enable = true;
    services = {
      tailscale = {
        enable = true;
--- a/hosts/fern/default.nix
+++ b/hosts/fern/default.nix
@ -10,6 +10,12 @@
      silent = true;
    };
    users.seb = {
      enable = true;
      zsh.enable = true;
      homeManager.enable = true;
    };
    dm.tuigreet.enable = true;
    de.hyprland.enable = true;
--- a/hosts/north/default.nix
+++ b/hosts/north/default.nix
@ -10,6 +10,12 @@
      silent = true;
    };
    users.seb = {
      enable = true;
      zsh.enable = true;
      homeManager.enable = true;
    };
    dm.tuigreet.enable = true;
    de.hyprland.enable = true;
--- a/modules/system/users/seb.nix
+++ b/modules/system/users/seb.nix
@ -0,0 +1,61 @@
 {
  config,
  self,
  inputs,
  pkgs,
  pkgs-unstable,
  lib,
  ...
 }:
 let
  cfg = config.custom.users.seb;
 in
 {
  imports = [ inputs.home-manager.nixosModules.home-manager ];
  options.custom.users.seb = {
    enable = lib.mkEnableOption "";
    zsh.enable = lib.mkEnableOption "";
    homeManager = {
      enable = lib.mkEnableOption "";
      configPath = lib.mkOption {
        type = lib.types.listOf lib.types.path;
        default = [
          "${self}/users/shared-home.nix"
          "${self}/users/seb/home.nix"
          "${self}/users/seb/@${config.networking.hostName}/home.nix"
        ];
      };
    };
  };
  config = lib.mkIf cfg.enable (
    lib.mkMerge [
      {
        sops.secrets."seb-password".neededForUsers = true;
        users.users.seb = {
          isNormalUser = true;
          description = "Sebastian Stork";
          hashedPasswordFile = config.sops.secrets."seb-password".path;
          extraGroups = [ "wheel" ];
          shell = lib.mkIf cfg.zsh.enable pkgs.zsh;
        };
        programs.zsh.enable = lib.mkIf cfg.zsh.enable true;
      }
      (lib.mkIf cfg.homeManager.enable {
        home-manager = {
          useGlobalPkgs = true;
          useUserPackages = true;
          extraSpecialArgs = {
            inherit inputs self pkgs-unstable;
          };
          users.seb.imports = cfg.homeManager.configPath;
        };
      })
    ]
  );
 }
--- a/users/home-manager.nix
+++ b/users/home-manager.nix
@ -1,17 +0,0 @@
 {
  inputs,
  self,
  pkgs-unstable,
  ...
 }:
 {
  imports = [ inputs.home-manager.nixosModules.home-manager ];
  home-manager = {
    useGlobalPkgs = true;
    useUserPackages = true;
    extraSpecialArgs = {
      inherit inputs self pkgs-unstable;
    };
  };
 }
--- a/users/seb/@alto/default.nix
+++ b/users/seb/@alto/default.nix
@ -1,3 +0,0 @@
 _: {
  imports = [ ../user.nix ];
 }
--- a/users/seb/@cirrus/default.nix
+++ b/users/seb/@cirrus/default.nix
@ -1,3 +0,0 @@
 _: {
  imports = [ ../user.nix ];
 }
--- a/users/seb/@cumulus/default.nix
+++ b/users/seb/@cumulus/default.nix
@ -1,3 +0,0 @@
 _: {
  imports = [ ../user.nix ];
 }
--- a/users/seb/@fern/default.nix
+++ b/users/seb/@fern/default.nix
@ -1,12 +0,0 @@
 { pkgs, ... }:
 {
  imports = [
    ../../home-manager.nix
    ../user.nix
  ];
  users.users.seb.shell = pkgs.zsh;
  programs.zsh.enable = true;
  home-manager.users.seb = ./home.nix;
 }
--- a/users/seb/@north/default.nix
+++ b/users/seb/@north/default.nix
@ -1,12 +0,0 @@
 { pkgs, ... }:
 {
  imports = [
    ../../home-manager.nix
    ../user.nix
  ];
  users.users.seb.shell = pkgs.zsh;
  programs.zsh.enable = true;
  home-manager.users.seb = ./home.nix;
 }
--- a/users/seb/home.nix
+++ b/users/seb/home.nix
@ -19,8 +19,6 @@ let
    };
 in
 {
  imports = [ ../shared-home.nix ];
  home.sessionVariables.NH_FLAKE = "~/Projects/nixos-config";
  custom = {
--- a/users/seb/user.nix
+++ b/users/seb/user.nix
@ -1,11 +0,0 @@
 { config, ... }:
 {
  sops.secrets."seb-password".neededForUsers = true;
  users.users.seb = {
    isNormalUser = true;
    description = "Sebastian Stork";
    hashedPasswordFile = config.sops.secrets."seb-password".path;
    extraGroups = [ "wheel" ];
  };
 }