feat(users): add shell module, simplify users module

2025-07-07 09:15:36 +08:00 · 2025-07-07 09:15:36 +08:00 · 0ca6436522
commit 0ca6436522
parent a3ed4c608d
2 changed files with 18 additions and 7 deletions
--- a/nix/modules/shell.nix
+++ b/nix/modules/shell.nix
@ -0,0 +1,17 @@
+{ config, lib, ... }:
+let
+  cfg = config.flake;
+  inherit (cfg.lib) forAllUsers';
+  inherit (lib.attrsets) mapAttrs';
+in
+{
+  flake.modules.nixos.default =
+    { pkgs, ... }:
+    {
+      programs = mapAttrs' (name: value: {
+        name = value.shell;
+        value.enable = true;
+      }) cfg.manifest.users;
+      users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
+    };
+}
--- a/nix/modules/users.nix
+++ b/nix/modules/users.nix
@ -6,13 +6,11 @@ let
 in
 {
  flake.modules.nixos.default =
-    { pkgs, config, ... }:
+    { config, ... }:
    {
      #TODO: move sudo/security options elsewhere
      # security.sudo.wheelNeedsPassword = false;
      # nix.settings.trusted-users = [ "@wheel" ];
-      #TODO: move to shell config
-      # programs.${owner.shell}.enable = true;
      #TODO: move ssh key settings elsewhere
      # users.users.root.openssh.authorizedKeys.keys = [ owner.pubkey ];
      users = {
@ -22,14 +20,10 @@ in
          _: value: {
            isNormalUser = true;
            extraGroups = optional (value.primary or false) "wheel";
-            # FIXME: remove when we make the shell module
-            ignoreShellProgramCheck = true;
-            shell = pkgs.${value.shell};
            openssh.authorizedKeys.keys = [ value.pubkey ];
          }
        );
      };
-
      home-manager.users = forAllUsers' (
        name: _: {
          home.username = name;