profile/core: migrate to nixosModule

2026-01-29 09:13:01 +01:00 · 2026-01-24 22:40:40 +01:00 · 2026-01-24 22:40:40 +01:00 · a16d497ebb
commit a16d497ebb
parent a4d422e059
10 changed files with 208 additions and 157 deletions
--- a/profiles/core/users.nix
+++ b/profiles/core/users.nix
@ -1,35 +1,42 @@
-{ config, ... }:
+{ config, lib, ... }:
+let
+  cfg = config.my.profiles.core.users;
+in
 {
-  sops.secrets."users/felix/password".neededForUsers = true;
-  sops.secrets."users/felix/password" = { };
+  options.my.profiles.core.users.enable = lib.mkEnableOption "core users profile";

-  users.users.felix = {
-    isNormalUser = true;
-    home = "/home/felix";
-    group = "felix";
-    extraGroups = [
-      "adbusers" # adb control
-      "audio" # sound control
-      "cdrom" # emulate cds
-      "dialout" # serial-console
-      "docker" # usage of `docker` socket
-      "input" # mouse control
-      "libvirtd" # kvm control
-      "networkmanager" # wireless configuration
-      "podman" # usage of `podman` socket
-      "seat" # access to input devices
-      "video" # screen control
-      "wheel" # `sudo` for the user.
-    ];
-    hashedPasswordFile = config.sops.secrets."users/felix/password".path;
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@workman"
-      "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHhjrfqyOS+M9ATSTVr9JXPERBXOow/ZmkWICjbtbEgXAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0x ssh:felix-personal-1"
-      "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMHExVOrEevQ+bwrrW3cXCO7Y/SyA+7wG+b6ZvAWY4MJAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0y ssh:felix-personal-2"
-    ];
-  };
+  config = lib.mkIf cfg.enable {
+    sops.secrets."users/felix/password".neededForUsers = true;
+    sops.secrets."users/felix/password" = { };

-  users.groups.felix = {
-    gid = 1000;
+    users.users.felix = {
+      isNormalUser = true;
+      home = "/home/felix";
+      group = "felix";
+      extraGroups = [
+        "adbusers" # adb control
+        "audio" # sound control
+        "cdrom" # emulate cds
+        "dialout" # serial-console
+        "docker" # usage of `docker` socket
+        "input" # mouse control
+        "libvirtd" # kvm control
+        "networkmanager" # wireless configuration
+        "podman" # usage of `podman` socket
+        "seat" # access to input devices
+        "video" # screen control
+        "wheel" # `sudo` for the user.
+      ];
+      hashedPasswordFile = config.sops.secrets."users/felix/password".path;
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@workman"
+        "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHhjrfqyOS+M9ATSTVr9JXPERBXOow/ZmkWICjbtbEgXAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0x ssh:felix-personal-1"
+        "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMHExVOrEevQ+bwrrW3cXCO7Y/SyA+7wG+b6ZvAWY4MJAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0y ssh:felix-personal-2"
+      ];
+    };
+
+    users.groups.felix = {
+      gid = 1000;
+    };
  };
 }