# Defines one NixOS user module per account and publishes them as
# flake.modules.nixos.kiri and flake.modules.nixos.ergon.
# Each module creates the system user and its home-manager profile.
{ config, ... }:
let
  # home-manager modules published elsewhere in this flake.
  homeModules = config.flake.modules.homeManager;

  realName = "Jelle Spreeuwenberg";

  # Per-account settings consumed by mkUser.
  accounts = {
    kiri = {
      homeDirectory = "/home/kiri";
      gitEmail = "mail@jelles.net";
      vaultEmail = "mail@jelles.net";
      extraHomeImports = [ homeModules.syncthing ];
    };

    ergon = {
      homeDirectory = "/home/ergon";
      gitEmail = "jelle.spreeuwenberg@yookr.org";
      vaultEmail = "jelle.spreeuwenberg@yookr.org";
      extraHomeImports = [ homeModules.nix ];
    };
  };

  # Builds the NixOS module for the account named `accountName`.
  # `hostType` is a module argument that defaults to "desktop"; where it is
  # set is not visible in this file.
  mkUser =
    { accountName }:
    {
      config,
      hostType ? "desktop",
      lib,
      pkgs,
      ...
    }:
    let
      account = accounts.${accountName};
      needsPasswordSecret = hostType != "server";
      passwordSecret = "hashed-password-${accountName}";
    in
    {
      # The hash feeds hashedPasswordFile below, so sops-nix has to decrypt it
      # before user accounts are created; neededForUsers requests that.
      sops.secrets = lib.optionalAttrs needsPasswordSecret {
        ${passwordSecret}.neededForUsers = true;
      };

      programs.zsh.enable = true;

      users.users.${accountName} =
        {
          name = accountName;
          home = account.homeDirectory;
          isNormalUser = true;
          shell = pkgs.zsh;
          # NOTE(review): both groups are granted on every host type, servers
          # included. "wheel" conventionally confers sudo rights; confirm that
          # "networkmanager" is wanted on server hosts.
          extraGroups = [
            "wheel"
            "networkmanager"
          ];
        }
        # Server hosts get no password hash from this module.
        # NOTE(review): confirm how login and privilege escalation are
        # authenticated there; it is not configured in this file.
        // lib.optionalAttrs needsPasswordSecret {
          hashedPasswordFile = config.sops.secrets.${passwordSecret}.path;
        };

      home-manager.users.${accountName} = {
        home = {
          username = accountName;
          inherit (account) homeDirectory;
          stateVersion = "24.05";
        };

        # Shared profile first, then the account-specific extras.
        imports =
          with homeModules;
          [
            terminal
            shell
            neovim
            sshClient
            sopsAdmin
            git
            devTools
            podman
            gemini
          ]
          ++ account.extraHomeImports;

        programs = {
          git.settings.user = {
            name = realName;
            email = account.gitEmail;
          };
          rbw.settings.email = account.vaultEmail;
        };
      };
    };
in
{
  flake.modules.nixos = {
    kiri = mkUser { accountName = "kiri"; };
    ergon = mkUser { accountName = "ergon"; };
  };
}