huge refactor

moduler/services/users/default.nix

@@ -0,0 +1,62 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+with lib;
+{
+  options.features.users = {
+    enable = mkEnableOption "enable default users";
+    name = mkOption {
+      type = types.str;
+      default = "fw";
+      description = "Primary user account name.";
+    };
+    fullName = mkOption {
+      type = types.str;
+      default = "Fredrik Wastring";
+      description = "Primary user full name.";
+    };
+    initialPassword = mkOption {
+      type = types.str;
+      default = "password";
+      description = "Initial password for the primary user.";
+    };
+    extraGroups = mkOption {
+      type = types.listOf types.str;
+      default = [
+        "networkmanager"
+        "wheel"
+        "audio"
+        "docker"
+        "input"
+      ];
+      description = "Additional groups for the primary user.";
+    };
+    sshAuthorizedKeys = mkOption {
+      type = types.listOf types.str;
+      default = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFpJBGPIfPB1BwSG7aoKqwfccyZSaU7J3xpJ8behMp9N fw@core"
+      ];
+      description = "SSH authorized keys for the primary user.";
+    };
+  };
+
+  config = mkIf config.features.users.enable {
+    users = {
+      defaultUserShell = pkgs.bash;
+      users = {
+        ${config.features.users.name} = {
+          initialPassword = config.features.users.initialPassword;
+          isNormalUser = true;
+          description = config.features.users.fullName;
+          extraGroups = config.features.users.extraGroups;
+          openssh.authorizedKeys = {
+            keys = config.features.users.sshAuthorizedKeys;
+          };
+        };
+      };
+    };
+  };
+}