diff --git a/fleet/common.nix b/fleet/common.nix
index b839817..d2c2503 100644
--- a/fleet/common.nix
+++ b/fleet/common.nix
@@ -14,18 +14,141 @@ let # Import all hardware modules so they're available for enabling hwTypes = import ../hw { inherit inputs; }; hwModules = lib.attrValues hwTypes; + + # User account submodule definition + userSubmodule = lib.types.submodule { + options = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Whether this user account is enabled on this system."; + }; + isNormalUser = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Whether this is a normal user account (vs system user)."; + }; + description = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + description = "Full name or description of the user (GECOS field)."; + example = "John Doe"; + }; + extraGroups = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = "Additional groups for the user (wheel, docker, etc.)."; + }; + hashedPassword = lib.mkOption { + type = lib.types.str; + default = "!"; + description = "Hashed password for the user account. Default '!' 
means locked."; + }; + extraPackages = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = [ ]; + description = "Additional system packages available to this user."; + }; + excludePackages = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = [ ]; + description = "System packages to exclude for this user."; + }; + homePackages = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = [ ]; + description = "Packages to install in the user's home-manager profile."; + }; + extraImports = lib.mkOption { + type = lib.types.listOf lib.types.path; + default = [ ]; + description = "Additional home-manager modules to import for this user."; + }; + external = lib.mkOption { + type = lib.types.nullOr ( + lib.types.oneOf [ + lib.types.path + (lib.types.submodule { + options = { + url = lib.mkOption { + type = lib.types.str; + description = "Git repository URL to fetch user configuration from."; + }; + rev = lib.mkOption { + type = lib.types.str; + description = "Git commit hash, tag, or branch to fetch."; + }; + submodules = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Whether to fetch Git submodules."; + }; + }; + }) + ] + ); + default = null; + description = "External dotfiles repository (user.nix + optional nixos.nix)."; + }; + opensshKeys = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = "SSH public keys for the user (authorized_keys)."; + }; + shell = lib.mkOption { + type = lib.types.nullOr ( + lib.types.enum [ + "bash" + "zsh" + "fish" + "tcsh" + ] + ); + default = "bash"; + description = "Default shell for the user."; + }; + editor = lib.mkOption { + type = lib.types.nullOr ( + lib.types.enum [ + "vim" + "neovim" + "emacs" + "nano" + "code" + ] + ); + default = "neovim"; + description = "Default text editor for the user (sets EDITOR)."; + }; + useZshTheme = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Whether to 
apply the system Zsh theme (Oh My Posh)."; + }; + useNvimPlugins = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Whether to apply the system Neovim configuration."; + }; + }; + }; in { imports = [ ./fs.nix ./boot.nix ./user-config.nix - ./fleet-option.nix ../sw inputs.vscode-server.nixosModules.default inputs.nixos-wsl.nixosModules.default ] ++ hwModules; + options.athenix.users = lib.mkOption { + type = lib.types.attrsOf userSubmodule; + default = { }; + description = "User accounts configuration. Set enable=true for users that should exist on this system."; + }; + options.athenix = { forUser = lib.mkOption { type = lib.types.nullOr lib.types.str;
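Review bot: `external.rev` is typed `lib.types.str` and documented as "Git commit hash, tag, or branch to fetch", so a mutable ref is accepted for a repository that, per the `external` description, can carry a `nixos.nix` alongside `user.nix`. If that file is imported into the system configuration, anyone able to push to the branch or move the tag changes what the host builds without a change in this repo; the code that fetches and imports `external` is outside this hunk (presumably `./user-config.nix`), so confirm how the value is consumed. I would restrict the option to a full commit hash, `type = lib.types.strMatching "[0-9a-f]{40}";`, and reword the description to `"Full 40-character Git commit hash to fetch."`. Separately, if `hashedPassword` is passed through to `users.users.<name>.hashedPassword`, inline values land in the world-readable Nix store, so the description should say so and point to a file-based alternative such as `users.users.<name>.hashedPasswordFile`.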