remodel begin

2025-08-17 14:04:02 -05:00
parent 1a0a5ced12
commit 453f175edc
36 changed files with 283 additions and 112 deletions


@@ -176,41 +176,82 @@
};
sysconfig = {
opts = {
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = {
enable = true;
extraModules = [
{
homeconfig = {
host = "homebox";
minimal = false;
wayvnc.enable = false;
hyprland.enable = true;
swaylock.enable = true;
wal.enable = true;
mpd.enable = true;
ags.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
};
home.packages = [
pkgs.wayvnc
];
}
];
};
};
};
services = {
sddm.enable = true;
openssh.enable = true;
pipewire.enable = true;
ags.enable = true;
hyprland.enable = true;
netbird.enable = true;
minecraft.enable = false;
};
programs = {
hyprland.enable = true;
ags.enable = true;
steam.enable = false;
virtualization = {
traefik.enable = true;
jellyfin.enable = true;
"blunkall.us".enable = true;
nextcloud.enable = true;
ntfy.enable = false;
gitea.enable = true;
n8n.enable = true;
keycloak.enable = true;
netbird.enable = true;
ollama.enable = true;
homeassistant.enable = true;
wyoming = {
enable = true;
piper = true;
openwakeword = true;
faster-whisper = true;
};
rustdesk.enable = false; #broken
};
virtualization = {
traefik.enable = true;
jellyfin.enable = true;
"blunkall.us".enable = true;
nextcloud.enable = true;
ntfy.enable = false;
gitea.enable = true;
n8n.enable = true;
keycloak.enable = true;
netbird.enable = true;
ollama.enable = true;
homeassistant.enable = true;
wyoming = {
enable = true;
piper = true;
openwakeword = true;
faster-whisper = true;
};
rustdesk.enable = false; #broken
pihole.enable = false; #broken
code-server.enable = false;
novnc.enable = true;
minecraft.enable = true;
novnc.enable = true;
minecraft.enable = true;
sandbox.enable = false;
};
sandbox.enable = false;
};
};
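Review bot: The `services` block at L49–L57 still carries `ags.enable = true;` and `hyprland.enable = true;`, but this commit declares those options under `sysconfig.programs.*` (see the ags.nix and hyprland.nix hunks) and the host already sets them at L59–L60; if those two lines are on the new side, evaluation will reject `sysconfig.services.ags.enable` and `sysconfig.services.hyprland.enable` as undeclared options. Dropping the two lines from `services` resolves it. `novnc.enable = true;` and `minecraft.enable = true;` also appear twice inside `virtualization` (L103–L106); if both pairs survive on the new side they are redundant definitions of the same bool and one pair should go. The enclosing host module starts before this hunk.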


@@ -66,17 +66,58 @@
alsa-utils
];
sysconfig.opts = {
sddm.enable = true;
openssh.enable = false;
steam.enable = true;
pipewire.enable = true;
ags.enable = true;
kdePlasma6.enable = true;
hyprland.enable = true;
netbird.enable = true;
sysconfig = {
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = {
enable = true;
extraModules = [
{
homeconfig = {
host = "homebox";
minimal = false;
wayvnc.enable = false;
hyprland.enable = true;
swaylock.enable = true;
wal.enable = true;
mpd.enable = true;
ags.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
};
home.packages = [
pkgs.wayvnc
];
}
];
};
};
};
services = {
sddm.enable = true;
openssh.enable = false;
pipewire.enable = true;
kdePlasma6.enable = true;
netbird.enable = true;
ollama.enable = true;
};
programs = {
steam.enable = true;
ags.enable = true;
hyprland.enable = true;
};
ollama.enable = true;
virtualization = {
@@ -117,7 +158,6 @@
}
(inputs.nathan-home-manager {
config = config.home-manager.users."nathan";
sysconfig = config;
inherit lib pkgs;
})
];
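Review bot: With `home-manager.enable = true;` under `sysconfig.users.nathan` (L135–L136) the new users module now also defines `home-manager.users.nathan`, yet this host keeps its own direct definition through `inputs.nathan-home-manager` (L179–L183, still present on the new side of the second hunk); the two definitions are merged and reference differently named inputs (`inputs.nathan-home-manager` here, `inputs.${user.username}` in the users module), so one of them is presumably stale. Either remove the host-level `home-manager.users.nathan` entry or keep `home-manager.enable = false;` until the users module is the single source. Dropping `sysconfig = config;` from the call is consistent only if the home-manager config no longer reads that argument; the attribute set holding the call starts before the second hunk.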


@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.ags.enable = lib.options.mkOption {
options.sysconfig.programs.ags.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.ags.enable {
config = lib.mkIf config.sysconfig.programs.ags.enable {
services = {
upower.enable = true;
gvfs.enable = true;


@@ -1,13 +1,13 @@
{ config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.hyprland.enable = lib.options.mkOption {
options.sysconfig.programs.hyprland.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.hyprland.enable {
config = lib.mkIf config.sysconfig.programs.hyprland.enable {
sysconfig.opts.sddm.enable = lib.mkDefault true;
sysconfig.services.sddm.enable = lib.mkDefault true;
environment.sessionVariables.NIXOS_OZONE_WL = "1";


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.steam.enable = lib.options.mkOption {
options.sysconfig.programs.steam.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.steam.enable {
config = lib.mkIf config.sysconfig.programs.steam.enable {
programs.steam = {
enable = true;


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.code-server.enable = lib.options.mkOption {
options.sysconfig.virtualization.code-server.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.code-server.enable {
config = lib.mkIf config.sysconfig.virtualization.code-server.enable {
containers.code-server = {


@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.virtualization.gitea.enable = lib.options.mkOption {
options.sysconfig.virtualization.gitea.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.gitea.enable {
config = lib.mkIf config.sysconfig.virtualization.gitea.enable {
networking = {
hosts."192.168.100.20" = [ "gitea.blunkall.us" ];


@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.virtualization.gitlab.enable = lib.options.mkOption {
options.sysconfig.virtualization.gitlab.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.gitlab.enable {
config = lib.mkIf config.sysconfig.virtualization.gitlab.enable {
sops.secrets = {
"gitlab/db_pass" = {};


@@ -1,6 +1,6 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.homeassistant = {
options.sysconfig.virtualization.homeassistant = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
@@ -11,7 +11,7 @@
};
};
config = lib.mkIf config.sysconfig.opts.virtualization.homeassistant.enable {
config = lib.mkIf config.sysconfig.virtualization.homeassistant.enable {
networking = {
hosts."192.168.100.25" = [ "hass.local" ];


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.jellyfin.enable = lib.options.mkOption {
options.sysconfig.virtualization.jellyfin.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.jellyfin.enable {
config = lib.mkIf config.sysconfig.virtualization.jellyfin.enable {
containers.jellyfin = {


@@ -1,6 +1,6 @@
{ config, lib, inputs, ... }: {
options.sysconfig.opts.virtualization.keycloak.enable = lib.options.mkOption {
options.sysconfig.virtualization.keycloak.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
@@ -9,7 +9,7 @@
inputs.sops-nix.nixosModules.sops
];
config = lib.mkIf config.sysconfig.opts.virtualization.keycloak.enable {
config = lib.mkIf config.sysconfig.virtualization.keycloak.enable {
sops.secrets."keycloak/dbpass" = {};


@@ -1,12 +1,12 @@
{ config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.virtualization.minecraft.enable = lib.options.mkOption {
options.sysconfig.virtualization.minecraft.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.minecraft.enable {
config = lib.mkIf config.sysconfig.virtualization.minecraft.enable {
networking = {
firewall = {


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.n8n.enable = lib.options.mkOption {
options.sysconfig.virtualization.n8n.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.n8n.enable {
config = lib.mkIf config.sysconfig.virtualization.n8n.enable {
networking = {
hosts."192.168.100.21" = [ "n8n.local" ];


@@ -1,8 +1,8 @@
{ config, lib, inputs, ... }: {
options.sysconfig.opts = {
options.sysconfig = {
netbird.enable = lib.options.mkOption {
services.netbird.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
@@ -18,21 +18,21 @@
config = {
services.netbird = {
enable = config.sysconfig.opts.netbird.enable;
enable = config.sysconfig.services.netbird.enable;
};
networking = {
firewall = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {
firewall = lib.mkIf config.sysconfig.virtualization.netbird.enable {
allowedUDPPorts = [ 3478 ];
allowedUDPPortRanges = [{ from = 51100; to = 56100; }];
};
nat.internalInterfaces = [ "ve-netbird" ];
};
sops.secrets."netbird/coturnPass" = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {};
sops.secrets."netbird/coturnPass" = lib.mkIf config.sysconfig.virtualization.netbird.enable {};
containers.netbird = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {
containers.netbird = lib.mkIf config.sysconfig.virtualization.netbird.enable {
autoStart = true;
privateNetwork = true;


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.nextcloud.enable = lib.options.mkOption {
options.sysconfig.virtualization.nextcloud.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.nextcloud.enable {
config = lib.mkIf config.sysconfig.virtualization.nextcloud.enable {
sops.secrets."nextcloud/pass" = {};


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization."blunkall.us".enable = lib.mkOption {
options.sysconfig.virtualization."blunkall.us".enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization."blunkall.us".enable {
config = lib.mkIf config.sysconfig.virtualization."blunkall.us".enable {
containers.blunkall-us = {


@@ -1,16 +1,16 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.virtualization.novnc.enable = lib.mkOption {
options.sysconfig.virtualization.novnc.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable {
config = lib.mkIf config.sysconfig.virtualization.novnc.enable {
networking = {
hosts."192.168.100.30" = [ "novnc.local" ];
firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable {
firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.virtualization.novnc.enable {
allowedTCPPorts = [ 5900 ];
allowedUDPPorts = [ 5900 ];
};


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.ntfy.enable = lib.mkOption {
options.sysconfig.virtualization.ntfy.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.ntfy.enable {
config = lib.mkIf config.sysconfig.virtualization.ntfy.enable {
containers.ntfy = {


@@ -1,13 +1,13 @@
{ config, lib, inputs, ... }: {
options = {
sysconfig.opts.virtualization.ollama.enable = lib.options.mkOption {
sysconfig.virtualization.ollama.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.opts.virtualization.ollama.enable {
config = lib.mkIf config.sysconfig.virtualization.ollama.enable {
containers.ollama = {


@@ -1,12 +1,12 @@
{ config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.virtualization.pihole.enable = lib.options.mkOption {
options.sysconfig.virtualization.pihole.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.pihole.enable {
config = lib.mkIf config.sysconfig.virtualization.pihole.enable {
/* sops.secrets."pihole/pass" = {};
sops.templates."pihole.env" = {


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.rustdesk.enable = lib.options.mkOption {
options.sysconfig.virtualization.rustdesk.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.rustdesk.enable {
config = lib.mkIf config.sysconfig.virtualization.rustdesk.enable {
/*networking = {
firewall.allowedTCPPorts = [ 21115 21116 21117 21118 21119 ];


@@ -1,6 +1,6 @@
{ config, lib, inputs, ... }: {
options.sysconfig.opts.virtualization.sandbox.enable = lib.mkOption {
options.sysconfig.virtualization.sandbox.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
@@ -18,7 +18,7 @@
})
];
config = lib.mkIf config.sysconfig.opts.virtualization.sandbox.enable {
config = lib.mkIf config.sysconfig.virtualization.sandbox.enable {
networking = {


@@ -1,11 +1,11 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.traefik.enable = lib.options.mkOption {
options.sysconfig.virtualization.traefik.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable {
config = lib.mkIf config.sysconfig.virtualization.traefik.enable {
networking = {
hosts."192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "traefik.local" ];


@@ -1,6 +1,6 @@
{ config, lib, ... }: {
options.sysconfig.opts.virtualization.wyoming = {
options.sysconfig.virtualization.wyoming = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
@@ -23,7 +23,7 @@
};
};
config = lib.mkIf config.sysconfig.opts.virtualization.wyoming.enable {
config = lib.mkIf config.sysconfig.virtualization.wyoming.enable {
containers.wyoming = {
@@ -32,7 +32,7 @@
hostAddress = "192.168.100.10";
localAddress = "192.168.100.26";
bindMounts = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper {
bindMounts = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper {
"/dev/nvidia0" = {
hostPath = "/dev/nvidia0";
isReadOnly = false;
@@ -55,7 +55,7 @@
};
};
allowedDevices = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper [
allowedDevices = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper [
{
node = "/dev/nvidia0";
modifier = "rw";
@@ -86,7 +86,7 @@
services.wyoming = {
piper = lib.mkIf config.sysconfig.opts.virtualization.wyoming.piper {
piper = lib.mkIf config.sysconfig.virtualization.wyoming.piper {
servers.piper = {
enable = true;
@@ -95,7 +95,7 @@
};
};
openwakeword = lib.mkIf config.sysconfig.opts.virtualization.wyoming.openwakeword {
openwakeword = lib.mkIf config.sysconfig.virtualization.wyoming.openwakeword {
enable = true;
uri = "tcp://0.0.0.0:11432";
preloadModels = [
@@ -109,7 +109,7 @@
];
};
faster-whisper = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper {
faster-whisper = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper {
servers.whisper = {
enable = true;
device = "auto";
@@ -119,7 +119,7 @@
};
};
satellite = lib.mkIf config.sysconfig.opts.virtualization.wyoming.satellite {
satellite = lib.mkIf config.sysconfig.virtualization.wyoming.satellite {
enable = true;
uri = "tcp://0.0.0.0:11431";
#user = "nathan";


@@ -1,12 +1,12 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.dynamicDNS.enable = lib.options.mkOption {
options.sysconfig.services.dynamicDNS.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.dynamicDNS {
config = lib.mkIf config.sysconfig.services.dynamicDNS {
systemd.timers.dynamicDNS = {
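Review bot: The condition at L580 is `config.sysconfig.services.dynamicDNS`, an attribute set, while the option declared at L575 is `…dynamicDNS.enable`; `lib.mkIf` requires a boolean, so importing this module should fail with a set-where-Boolean-expected error (the old line at L579 had the same omission and the rename carried it over). Change it to `config = lib.mkIf config.sysconfig.services.dynamicDNS.enable {`. The body of the `config` set continues past the hunk.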


@@ -1,15 +1,15 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.kdePlasma6.enable = lib.options.mkOption {
options.sysconfig.services.kdePlasma6.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.kdePlasma6.enable {
config = lib.mkIf config.sysconfig.services.kdePlasma6.enable {
services.desktopManager.plasma6.enable = true;
sysconfig.opts.sddm.enable = lib.mkDefault true;
sysconfig.services.sddm.enable = lib.mkDefault true;
environment.systemPackages = with pkgs; [
kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice


@@ -1,6 +1,6 @@
{ config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.minecraft.enable = lib.options.mkOption {
options.sysconfig.services.minecraft.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
@@ -9,7 +9,7 @@
inputs.nix-minecraft.nixosModules.minecraft-servers
];
config = lib.mkIf config.sysconfig.opts.minecraft.enable {
config = lib.mkIf config.sysconfig.services.minecraft.enable {
nixpkgs.overlays = [ inputs.nix-minecraft.overlay ];


@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: {
options.sysconfig.opts.novnc.enable = lib.mkOption {
options.sysconfig.services.novnc.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.novnc.enable {
config = lib.mkIf config.sysconfig.services.novnc.enable {
systemd.services.novnc = {
enable = true;


@@ -1,13 +1,13 @@
{ config, lib, inputs, ... }: {
options = {
sysconfig.opts.ollama.enable = lib.options.mkOption {
sysconfig.services.ollama.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.opts.ollama.enable {
config = lib.mkIf config.sysconfig.services.ollama.enable {
services.ollama = {
enable = true;
acceleration = "cuda";


@@ -1,13 +1,13 @@
{ config, lib, ... }: {
options = {
sysconfig.opts.openssh.enable = lib.options.mkOption {
sysconfig.services.openssh.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.opts.openssh.enable {
config = lib.mkIf config.sysconfig.services.openssh.enable {
networking.firewall.allowedTCPPorts = [ 22 ];


@@ -1,13 +1,13 @@
{ config, lib, pkgs, ... }: {
options = {
sysconfig.opts.pipewire.enable = lib.options.mkOption {
sysconfig.services.pipewire.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.opts.pipewire.enable {
config = lib.mkIf config.sysconfig.services.pipewire.enable {
# Enable sound with pipewire.
#sound.enable = true;


@@ -1,11 +1,11 @@
{ config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.sddm.enable = lib.mkOption {
options.sysconfig.services.sddm.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.opts.sddm.enable {
config = lib.mkIf config.sysconfig.services.sddm.enable {
qt.enable = true;


@@ -0,0 +1,79 @@
{ config, lib, inputs, ... }: {
options.sysconfig = {
users = let
userType = lib.types.submodule ({ username, ... }: {
options = {
username = lib.mkOption {
type = lib.types.str;
default = username;
};
home-manager = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
extraModules = lib.mkOption {
type = lib.types.listOf lib.types.raw;
default = [];
};
};
sshKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
};
hashedPasswordFile = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
};
extraGroups = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
};
};
});
in lib.mkOption {
type = lib.types.attrsOf userType;
default = {};
};
};
config = {
users.users = builtins.mapAttrs (name: user: {
name = user.username;
isNormalUser = true;
hashedPasswordFile = lib.mkIf (user.hashedPasswordFile != null) user.hashedPasswordFile;
extraGroups = user.extraGroups;
openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable config.sysconfig.users.${user.username}.sshKeys;
}) config.sysconfig.users;
home-manager = {
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs;};
sharedModules = [
inputs.sops-nix.homeManagerModules.sops
inputs.home-manager-config
];
users = (builtins.mapAttrs
(name: user: (lib.mkMerge [
(inputs.${user.username} { config = config.home-manager.users.${user.username}; inherit lib; })
] ++ user.home-manager.extraModules))
(builtins.removeAttrs
config.sysconfig.users
(builtins.partition
(name: config.sysconfig.users.${name}.home-manager.enable == true)
(builtins.attrNames config.sysconfig.users)
).wrong
)
);
};
};
}
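Review bot: `lib.mkMerge [ … ] ++ user.home-manager.extraModules` at L748–L750 parses as `(lib.mkMerge [ … ]) ++ …`, because function application binds tighter than `++`, so any user with `home-manager.enable = true` makes evaluation fail with a set-where-list-expected error; the concatenation has to sit inside the argument list. The submodule function at L697 takes `username` as an argument, but `attrsOf (submodule …)` only supplies `name`, so unless `_module.args.username` is set somewhere not shown the module errors on a missing argument — `({ name, ... }:` with `default = name;` at L701 is the usual form. L738 re-looks the user up as `config.sysconfig.users.${user.username}`, which breaks as soon as `username` is overridden to differ from the attribute key, while `user.sshKeys` is already in scope. The `partition … .wrong` construction at L751–L757 is equivalent to `lib.filterAttrs (_: u: u.home-manager.enable) config.sysconfig.users`, which also makes the intent readable; rewritten below.
```nix
users = builtins.mapAttrs
  (name: user: lib.mkMerge ([
    (inputs.${user.username} { config = config.home-manager.users.${user.username}; inherit lib; })
  ] ++ user.home-manager.extraModules))
  (lib.filterAttrs (_: user: user.home-manager.enable) config.sysconfig.users);
```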