feat(nixos): add user password secrets to sops

This commit adds the user password secrets to sops.
It leverages the `userListToAttrs` lib function.

nix/modules/users.nix

@@ -1,7 +1,7 @@
 { config, lib, ... }:
 let
   cfg = config.flake;
-  inherit (cfg.lib.modules) forAllUsers';
+  inherit (cfg.lib.modules) userListToAttrs forAllUsers';
   inherit (lib.lists) optional;
 in
 {
@@ -19,13 +19,17 @@ in
         mutableUsers = false;
         groups.users.gid = 100;
         users = forAllUsers' (
-          _: value: {
+          name: value: {
             isNormalUser = true;
+            hashedPasswordFile = config.sops.secrets."${name}/hashedPassword".path;
             extraGroups = optional (value.primary or false) "wheel";
             openssh.authorizedKeys.keys = [ value.pubkey ];
           }
         );
       };
+      sops.secrets = userListToAttrs (name: {
+        "${name}/hashedPassword".neededForUsers = true;
+      });
       home-manager.users = forAllUsers' (
         name: _: {
           home.username = name;