authorseth <[email protected]>2024-02-28 06:51:04 -0500
committerseth <[email protected]>2024-02-28 06:51:04 -0500
commited23d606f190aa20e620063ab65e78caf613b67c (patch)
tree00a30702876104ae07a9544ae38ff55ed92f0126 /modules/nixos/traits
parent62621080f9f97f5dffa889daf1dbc7257ba2cda7 (diff)
modules: reorganize standalone and system user handling
Diffstat (limited to 'modules/nixos/traits')
-rw-r--r--modules/nixos/traits/default.nix3
-rw-r--r--modules/nixos/traits/host-user.nix40
-rw-r--r--modules/nixos/traits/user-setup.nix45
-rw-r--r--modules/nixos/traits/users.nix44
4 files changed, 41 insertions, 91 deletions
diff --git a/modules/nixos/traits/default.nix b/modules/nixos/traits/default.nix
index 58519ca..983edce 100644
--- a/modules/nixos/traits/default.nix
+++ b/modules/nixos/traits/default.nix
@@ -3,11 +3,10 @@
./auto-upgrade.nix
./containers.nix
./home-manager.nix
+ ./host-user.nix
./locale.nix
./secrets.nix
./tailscale.nix
- ./user-setup.nix
- ./users.nix
./zram.nix
];
}
diff --git a/modules/nixos/traits/host-user.nix b/modules/nixos/traits/host-user.nix
new file mode 100644
index 0000000..2da91d6
--- /dev/null
+++ b/modules/nixos/traits/host-user.nix
@@ -0,0 +1,40 @@
+{
+ config,
+ lib,
+ pkgs,
+ secretsDir,
+ ...
+}: let
+ cfg = config.traits.users.hostUser;
+ inherit (config.networking) hostName;
+in {
+ options.traits.users.hostUser = {
+ enable = lib.mkEnableOption "${hostName} user configuration";
+ manageSecrets =
+ lib.mkEnableOption "automatic secrets management"
+ // {
+ default = config.traits.secrets.enable;
+ };
+ };
+
+ config = lib.mkIf cfg.enable (
+ lib.mkMerge [
+ {
+ users.users.${hostName} = {
+ isNormalUser = true;
+ shell = pkgs.bash;
+ };
+ }
+
+ (lib.mkIf cfg.manageSecrets {
+ age.secrets = {
+ userPassword.file = secretsDir + "/userPassword.age";
+ };
+
+ users.users.${hostName} = {
+ hashedPasswordFile = config.age.secrets.userPassword.path;
+ };
+ })
+ ]
+ );
+}
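Review bot: The `hashedPasswordFile` set in the `lib.mkIf cfg.manageSecrets` block only keeps the account's password pinned to the agenix secret when `users.mutableUsers` is false. With mutable users, NixOS treats it as an initial password and leaves an existing shadow entry untouched, so a rotated `userPassword.age` would silently not take effect. The `mutableUsers = false` setting lived in the removed user-setup.nix, and this view is limited to modules/nixos/traits, so whether it is still set elsewhere cannot be confirmed from here. Consider making the dependency explicit in that block, e.g. `assertions = [{ assertion = !config.users.mutableUsers; message = "traits.users.hostUser.manageSecrets expects users.mutableUsers = false"; }];`, or at least a comment stating it.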
diff --git a/modules/nixos/traits/user-setup.nix b/modules/nixos/traits/user-setup.nix
deleted file mode 100644
index 1d02134..0000000
--- a/modules/nixos/traits/user-setup.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{
- config,
- lib,
- pkgs,
- secretsDir,
- ...
-}: let
- cfg = config.traits.user-setup;
-in {
- options.traits.user-setup = {
- enable = lib.mkEnableOption "basic immutable user & root configurations";
- manageSecrets =
- lib.mkEnableOption "automatic secrets management"
- // {
- default = config.traits.secrets.enable;
- };
- };
-
- config = lib.mkIf cfg.enable (
- lib.mkMerge [
- {
- users = {
- defaultUserShell = pkgs.bash;
- mutableUsers = false;
-
- users.root =
- {
- home = lib.mkDefault "/root";
- uid = lib.mkDefault config.ids.uids.root;
- group = lib.mkDefault "root";
- }
- // lib.optionalAttrs cfg.manageSecrets {
- hashedPasswordFile = config.age.secrets.rootPassword.path;
- };
- };
- }
-
- (lib.mkIf cfg.manageSecrets {
- age.secrets = {
- rootPassword.file = secretsDir + "/rootPassword.age";
- };
- })
- ]
- );
-}
diff --git a/modules/nixos/traits/users.nix b/modules/nixos/traits/users.nix
deleted file mode 100644
index de28c00..0000000
--- a/modules/nixos/traits/users.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-{
- config,
- lib,
- pkgs,
- secretsDir,
- ...
-}: let
- cfg = config.traits.users;
- inherit (config.networking) hostName;
-in {
- options.traits.users = {
- hostUser = {
- enable = lib.mkEnableOption "${hostName} user configuration";
- manageSecrets =
- lib.mkEnableOption "automatic secrets management"
- // {
- default = config.traits.secrets.enable;
- };
- };
- };
-
- imports = [
- ../../../users/seth/nixos.nix
- ];
-
- config = lib.mkMerge [
- (lib.mkIf cfg.hostUser.enable {
- users.users.${hostName} = {
- isNormalUser = true;
- shell = pkgs.bash;
- };
- })
-
- (lib.mkIf (cfg.hostUser.enable && cfg.hostUser.manageSecrets) {
- age.secrets = {
- userPassword.file = secretsDir + "/userPassword.age";
- };
-
- users.users.${hostName} = {
- hashedPasswordFile = config.age.secrets.userPassword.path;
- };
- })
- ];
-}