refactor: revert username global var

flake.nix

@@ -5,7 +5,6 @@
       ...
     }@inputs:
     let
-      username = "rafiq";
       mkSystem = type: hostname: {
         name = "${hostname}";
         value =
@@ -16,13 +15,16 @@
                 inputs
                 type
                 hostname
-                username
                 ;
             };
           in
           inputs.nixpkgs.lib.nixosSystem {
             specialArgs = args;
-            modules = [ ./systems ];
+            modules = [
+              ./systems
+              inputs.home-manager.nixosModules.home-manager
+              inputs.sops-nix.nixosModules.sops
+            ];
           };
       };
     in

systems/default.nix

@@ -18,8 +18,8 @@
       ./modules/bootloaders/systemd-boot.nix
       ./modules/programs/zsh.nix
       ./modules/hardware/networking.nix
-      inputs.sops-nix.nixosModules.sops
+      ./modules/security.nix
-      inputs.home-manager.nixosModules.home-manager
+      ./modules/users.nix
     ]
     # Options for desktops.
     (lib.optionals (type == "desktop") [
@@ -53,29 +53,16 @@
       "sd_mod"
     ];
   };
+
   home-manager = {
     useGlobalPkgs = true;
     useUserPackages = true;
     extraSpecialArgs = specialArgs;
-    users.${username}.imports = [ ../users/rafiq.nix ];
   };
 
   system.stateVersion = "24.11";
 
   users.mutableUsers = false; # Always reset users on system activation
-  users.users.${username} = {
-    isNormalUser = true;
-    description = "${username}";
-    hashedPasswordFile = config.sops.secrets.password.path;
-    extraGroups = [
-      "networkmanager"
-      "wheel"
-    ];
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n"
-    ];
-  };
-  security.sudo.wheelNeedsPassword = false;
 
   nixpkgs.config.allowUnfree = true;
   nix = {
@@ -108,9 +95,4 @@
 
   i18n.defaultLocale = "en_SG.UTF-8";
 
-  sops = {
-    defaultSopsFile = ../secrets/secrets.yaml;
-    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
-    secrets.password.neededForUsers = true;
-  };
 }

systems/modules/programs/getty.nix

@@ -1,6 +1,5 @@
-{ username, ... }:
 {
   services.getty = {
-    autologinUser = "${username}";
+    autologinUser = "rafiq";
   };
 }

systems/modules/programs/hyprlock.nix

@@ -2,7 +2,6 @@
   inputs,
   hostname,
   pkgs,
-  username,
   ...
 }:
 let
@@ -18,7 +17,7 @@ let
 in
 {
   security.pam.services.hyprlock = { };
-  home-manager.users.${username} = {
+  home-manager.users.rafiq = {
     programs.hyprlock = {
       enable = true;
       package = inputs.hyprlock.packages.${pkgs.stdenv.hostPlatform.system}.hyprlock;

systems/modules/programs/tailscale.nix

@@ -0,0 +1,2 @@
+{
+}

systems/modules/security.nix

@@ -0,0 +1,9 @@
+{
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    secrets.password.neededForUsers = true;
+  };
+
+  security.sudo.wheelNeedsPassword = false;
+}

systems/modules/security/sops.nix

@@ -0,0 +1,8 @@
+{ inputs, ... }:
+{
+  sops = {
+    defaultSopsFile = ../../../secrets/secrets.yaml;
+    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    secrets.password.neededForUsers = true;
+  };
+}

systems/modules/stylix.nix

@@ -1,4 +1,4 @@
-{ inputs, username, ... }:
+{ inputs, ... }:
 let
   opacity = 0.8;
   toImport = [
@@ -25,12 +25,12 @@ in
   fonts.enableDefaultPackages = true;
 
   imports = [ inputs.stylix.nixosModules.stylix ] ++ toImport;
-  home-manager.users.${username}.imports = [ inputs.stylix.homeManagerModules.stylix ] ++ toImport;
+  home-manager.users.rafiq.imports = [ inputs.stylix.homeManagerModules.stylix ] ++ toImport;
 
   # Put options that only exist in the NixOS module here.
   stylix.homeManagerIntegration.autoImport = false;
   stylix.homeManagerIntegration.followSystem = false;
 
   # Put options that only exist in the home-manager module here.
-  # home-manager.users.${username}.stylix = {};
+  # home-manager.users.rafiq.stylix = {};
 }

systems/modules/users.nix

@@ -0,0 +1,16 @@
+{ config, ... }:
+{
+  home-manager.users.rafiq.imports = [ ../../users/rafiq.nix ];
+  users.users.rafiq = {
+    isNormalUser = true;
+    description = "rafiq";
+    hashedPasswordFile = config.sops.secrets.password.path;
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n"
+    ];
+  };
+}

systems/modules/users/rafiq.nix

@@ -0,0 +1,16 @@
+{ inputs, config, ... }:
+{
+  home-manager.users.rafiq.imports = [ ../../../users/rafiq.nix ];
+  users.users.rafiq = {
+    isNormalUser = true;
+    description = "rafiq";
+    hashedPasswordFile = config.sops.secrets.password.path;
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n"
+    ];
+  };
+}

users/rafiq.nix

@@ -1,8 +1,6 @@
 {
   pkgs,
   inputs,
-  lib,
-  username,
   ...
 }:
 {
@@ -57,8 +55,8 @@
   };
 
   home = {
-    username = "${username}";
+    username = "rafiq";
-    homeDirectory = "/home/${username}";
+    homeDirectory = "/home/rafiq";
 
     # This defines the version home-manager
     # was originally bulit against on this system.