users

flake.nix

@@ -32,13 +32,13 @@
   outputs = {
     self,
     nixpkgs,
+    home-manager,
     ...
   } @ inputs: let
     inherit (nixpkgs) lib;
 
     defaultConfig = {
-      headless = false;
-      home = true;
+      desktop = true;
     };
 
     makeHost = host: let
@@ -53,8 +53,11 @@
           ./hosts/${host}/hardware-configuration.nix
           ./system
           {networking.hostName = host;}
-        ] ++ lib.optionals config.headless [ ./headless ]
-          ++ lib.optionals config.desktop [ ./home ];
+        ] 
+          ++ lib.optionals config.desktop [ 
+          home-manager
+          ./home 
+        ];
       };
   in {
     nixosConfigurations = lib.pipe ./hosts [

system/default.nix

@@ -1,7 +1,26 @@
 {...}: {
   imports = [
     ./boot.nix
+    ./packages.nix
+    ./env.nix
+    ./btrfs.nix
+    ./users.nix
+
+    ./networking.nix
+    ./persistence.nix
+    ./nix.nix
+    ./audio.nix
+    ./ssh.nix
+
+    ./syncthing.nix
+    ./wayland.nix
+    ./steam.nix
+
+    ./nfs.nix
+    ./fonts.nix
+    ./bluetooth.nix
+    ./zsh.nix
   ];
 
-  # lib.mkForce 
+  system.stateVersion = "24.11";
 }

system/users.nix

@@ -0,0 +1,30 @@
+{ config, ...}: let 
+    host = config.networking.hostName;
+  in {
+  users.mutableUsers = false;
+  users.users = {
+    lilith = {
+      isNormalUser = true;
+      uid = 1000;
+      extraGroups = [ "wheel" "networkmanager" ];
+      hashedPasswordFile = config.sops.secrets."user/password".path;
+    };
+  };
+
+  sops.secrets = {
+    "user/password" = {
+      sopsFile = ../hosts/${host}/secrets/default.yaml;
+      neededForUsers = true;
+    };
+    "user/ssh/private" = {
+      sopsFile = ../hosts/${conf.hostname}/secrets/default.yaml;
+      path = "/home/lilith/.ssh/id_ed25519";
+      owner = "lilith";
+    };
+    "user/ssh/public" = {
+      sopsFile = ../hosts/${conf.hostname}/secrets/default.yaml;
+      path = "/home/lilith/.ssh/id_ed25519.pub";
+      owner = "lilith";
+    };
+  };
+}