6 files changed, 43 insertions(+), 28 deletions(-)

R users/skye/default.nix => hosts/arwen/default.nix
M roles/base.nix
M systems/default.nix
M systems/hosts/arwen/default.nix
M systems/profiles/laptop/default.nix
D users/default.nix

@@ 1,10 1,22 @@
 {config, ...}: {
+  sops.secrets.rootPwd.neededForUsers = true;
   sops.secrets.skyePwd.neededForUsers = true;
 
   roles.base = {
-    username = "skye";
-    isWheel = true;
-    hashedPasswordFile = config.sops.secrets.skyePwd.path;
+    root = {
+      hashedPasswordFile = config.sops.secrets.rootPwd.path;
+    };
+    primaryUser = {
+      username = "skye";
+      isWheel = true;
+      hashedPasswordFile = config.sops.secrets.skyePwd.path;
+    };
+  };
+
+  roles.audio.enable = true;
+  roles.bluetooth = {
+    enable = true;
+    enableHDAudio = true;
   };
 
   roles.git = {

@@ 6,12 6,27 @@
   cfg = config.roles.base;
 in {
   options.roles.base = {
-    username = lib.mkOption {
-      type = lib.types.str;
+    root = lib.mkOption {
+      type = lib.types.submodule {
+        options = {
+          hashedPasswordFile = lib.mkOption {
+            type = lib.types.path;
+          };
+        };
+      };
     };
-    isWheel = lib.mkEnableOption "wheter to enable admin permissions";
-    hashedPasswordFile = lib.mkOption {
-      type = lib.types.path;
+    primaryUser = lib.mkOption {
+      type = lib.types.submodule {
+        options = {
+          username = lib.mkOption {
+            type = lib.types.str;
+          };
+          isWheel = lib.mkEnableOption "wheter to enable admin permissions";
+          hashedPasswordFile = lib.mkOption {
+            type = lib.types.path;
+          };
+        };
+      };
     };
   };
 


@@ 19,25 34,26 @@ in {
     (lib.mkAliasOptionModule ["hm"] [
       "home-manager"
       "users"
-      cfg.username
+      cfg.primaryUser.username
     ])
   ];
 
   config = let
-    homeDirectory = "/home/${cfg.username}";
+    homeDirectory = "/home/${cfg.primaryUser.username}";
   in {
-    users.users.${cfg.username} = {
+    users.users.root.hashedPasswordFile = cfg.root.hashedPasswordFile;
+    users.users.${cfg.primaryUser.username} = {
       isNormalUser = true;
-      extraGroups = lib.optional cfg.isWheel "wheel";
+      extraGroups = lib.optional cfg.primaryUser.isWheel "wheel";
       home = homeDirectory;
-      hashedPasswordFile = cfg.hashedPasswordFile;
+      hashedPasswordFile = cfg.primaryUser.hashedPasswordFile;
     };
     home-manager = {
       useUserPackages = true;
       useGlobalPkgs = true;
     };
     hm.home = {
-      inherit (cfg) username;
+      inherit (cfg.primaryUser) username;
       inherit homeDirectory;
       stateVersion = config.system.stateVersion;
     };

@@ 1,5 1,4 @@
 {
-  self,
   inputs,
   ...
 }: {


@@ 13,6 12,7 @@
           ++ cfg.modules
           ++ [
             ./hosts/${name}
+            ../hosts/${name}
             {
               networking.hostName = name;
             }

@@ 1,5 1,4 @@
 {
-  config,
   inputs,
   lib,
   pkgs,


@@ 18,8 17,6 @@
   sops.defaultSopsFile = ../../../secrets/arwen/secrets.yaml;
   sops.gnupg.sshKeyPaths = ["/persist/etc/ssh/ssh_host_rsa_key"];
   sops.age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
-  sops.secrets.rootPwd.neededForUsers = true;
-  users.users.root.hashedPasswordFile = config.sops.secrets.rootPwd.path;
 
   networking.hostId = "d2a2e2cb";
   networking.networkmanager.enable = true;


@@ 28,12 25,6 @@
 
   services.xserver.xkb.layout = "us";
 
-  roles.audio.enable = true;
-  roles.bluetooth = {
-    enable = true;
-    enableHDAudio = true;
-  };
-
   services.libinput.enable = true;
 
   environment.systemPackages = with pkgs; [

@@ 10,7 10,6 @@ inputs @ {
     home-manager.nixosModules.home-manager
 
     ../../../roles
-    ../../../users
   ];
   specialArgs = {
     inherit inputs;

@@ 1,3 0,0 @@
-{
-  imports = [./skye];
-}