modules: use individual files for user traits

author: seth <[email protected]> 2024-05-25 20:17:22 -0400
committer: seth <[email protected]> 2024-05-25 20:52:08 -0400
commit: 2c69b70e764a244db0946971170795d388670c32 (patch)
tree: 605c43fd3daf7b7aa9d3887712cba028cdc8084c /modules/nixos/traits/users/seth.nix
parent: 2f1be3bcd022ea6d011c50861c05ac4bf2b832a9 (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/modules/nixos/traits/users/seth.nix b/modules/nixos/traits/users/seth.nix
new file mode 100644
index 0000000..9ebb6c8
--- /dev/null
+++ b/modules/nixos/traits/users/seth.nix
@@ -0,0 +1,28 @@
+{
+  config,
+  lib,
+  secretsDir,
+  ...
+}: let
+  cfg = config.traits.users.seth;
+in {
+  options.traits.users.seth = {
+    manageSecrets =
+      lib.mkEnableOption "automatic secrets management"
+      // {
+        default = config.traits.secrets.enable;
+      };
+  };
+
+  config = lib.mkMerge [
+    (lib.mkIf (cfg.enable && cfg.manageSecrets) {
+      age.secrets = {
+        sethPassword.file = secretsDir + "/sethPassword.age";
+      };
+
+      users.users.seth = {
+        hashedPasswordFile = lib.mkDefault config.age.secrets.sethPassword.path;
+      };
+    })
+  ];
+}
author	seth <[email protected]>	2024-05-25 20:17:22 -0400
committer	seth <[email protected]>	2024-05-25 20:52:08 -0400
commit	2c69b70e764a244db0946971170795d388670c32 (patch)
tree	605c43fd3daf7b7aa9d3887712cba028cdc8084c /modules/nixos/traits/users/seth.nix
parent	2f1be3bcd022ea6d011c50861c05ac4bf2b832a9 (diff)