Diffstat (limited to 'modules/root')
-rw-r--r--modules/root/normaluser.nix14
-rw-r--r--modules/root/secrets.nix12
-rw-r--r--modules/root/wifi.nix5
3 files changed, 17 insertions, 14 deletions
diff --git a/modules/root/normaluser.nix b/modules/root/normaluser.nix
index ec266c4..50e9236 100644
--- a/modules/root/normaluser.nix
+++ b/modules/root/normaluser.nix
@@ -4,13 +4,20 @@
};
config = {
- users.users.root = lib.mkIf config.users.setPassword.enable {
- hashedPasswordFile = config.sops.secrets.hashed-root-password.path;
+ # Load hashed root password secret
+ sops.secrets.hashed-root-password = lib.mkIf config.users.setPassword.enable {
+ sopsFile = ./resources/secrets/hashed-root-password.yaml;
+ neededForUsers = true;
};
+
+ # Set hashed password file if the setPassword option is enabled
+ users.users.root.hashedPasswordFile = lib.mkIf config.users.setPassword.enable config.sops.secrets.hashed-root-password.path;
+
+ # Setup normal user
users.users.${userDetails.username} = {
+ home = userDetails.home;
description = userDetails.fullname;
isNormalUser = true;
- hashedPasswordFile = lib.mkIf config.users.setPassword.enable config.sops.secrets.hashed-root-password.path;
extraGroups = [
"i2c"
"libvirtd"
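Review bot: Whether the hash set by `users.users.root.hashedPasswordFile` reaches an already-installed system depends on `users.mutableUsers`, which is not visible in this hunk. With the NixOS default of `true`, an existing `/etc/shadow` entry is kept and the declared hash is only used when the account is first created, so rotating the sops secret would not change the root password. A comment next to the assignment would record the assumption, for example `# only enforced on existing accounts when users.mutableUsers = false`. The normal-user attribute set that starts in this hunk continues past its end.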
@@ -18,6 +25,7 @@
"video"
"wheel"
];
+ hashedPasswordFile = lib.mkIf config.users.setPassword.enable config.sops.secrets.hashed-root-password.path;
};
};
}
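Review bot: The `hashedPasswordFile` added on the normal user reads `config.sops.secrets.hashed-root-password.path`, the same secret assigned to `users.users.root` in the previous hunk, so root and a `wheel` member share one password hash. Disclosure of either password then exposes the other account, and the two cannot be rotated independently. Consider a separate secret declared the same way as the root one, e.g. `hashedPasswordFile = lib.mkIf config.users.setPassword.enable config.sops.secrets.hashed-user-password.path;`, where `hashed-user-password` is a placeholder name. If the sharing is deliberate, a one-line comment on this assignment saying so would help the next reader. The user attribute set opens outside this hunk.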
diff --git a/modules/root/secrets.nix b/modules/root/secrets.nix
index 38346b2..416bcde 100644
--- a/modules/root/secrets.nix
+++ b/modules/root/secrets.nix
@@ -1,18 +1,8 @@
-{ lib, pkgs, inputs, config, userDetails, ... }: {
+{ inputs, config, userDetails, ... }: {
imports = [ inputs.sops-nix.nixosModules.sops ];
sops = {
defaultSopsFormat = "yaml";
age.sshKeyPaths = [ "${userDetails.home}/.ssh/id_ed25519" "/root/.ssh/id_ed25519" ];
-
- secrets = {
- wpa_supplicant-conf = lib.mkIf config.wifi.enable {
- sopsFile = ./resources/secrets/wpa_supplicant-conf.yaml;
- };
- hashed-root-password = lib.mkIf config.users.setPassword.enable {
- sopsFile = ./resources/secrets/hashed-root-password.yaml;
- neededForUsers = true;
- };
- };
};
}
diff --git a/modules/root/wifi.nix b/modules/root/wifi.nix
index 96fe5c8..9dbf233 100644
--- a/modules/root/wifi.nix
+++ b/modules/root/wifi.nix
@@ -10,6 +10,11 @@
allowAuxiliaryImperativeNetworks = true; # Networks defined in aux imperitive networks (/etc/wpa_supplicant.conf)
};
+ # Load wpa_supplicant.conf secret config
+ sops.secrets.wpa_supplicant-conf = {
+ sopsFile = ./resources/secrets/wpa_supplicant-conf.yaml;
+ };
+
# Link /etc/wpa_supplicant.conf -> secret config
environment.etc."wpa_supplicant.conf" = {
source = config.sops.secrets.wpa_supplicant-conf.path;