From c3c3d6f1fd19a5da015c9a9d3ae5c54f2d177be0 Mon Sep 17 00:00:00 2001
From: Tim Keller <tjk@tjkeller.xyz>
Date: Tue, 26 Aug 2025 21:36:16 -0500
Subject: reogranize files more only working on optiplex for now prepare for
 home manager refactoring

---
 archetypes/tjkeller/user.nix | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 archetypes/tjkeller/user.nix

(limited to 'archetypes/tjkeller/user.nix')

diff --git a/archetypes/tjkeller/user.nix b/archetypes/tjkeller/user.nix
new file mode 100644
index 0000000..2695549
--- /dev/null
+++ b/archetypes/tjkeller/user.nix
@@ -0,0 +1,22 @@
+{ lib, config, pkgs, userDetails, ... }: let
+	cfg = config._archetypes.tjkeller.setPasswords;
+	hashedPasswordFile = config.sops.secrets.hashed-root-password.path;
+in {
+	options._archetypes.tjkeller.setPasswords = {
+		enable = lib.mkEnableOption "set users password. requires hashed root password from sops";
+	};
+
+	config = lib.mkIf cfg.enable {
+		# Load hashed root password secret
+		sops.secrets.hashed-root-password = {
+			sopsFile = ./resources/secrets/hashed-root-password.yaml;
+			neededForUsers = true;
+		};
+
+		# Apply password file
+		users.users = {
+			root = { inherit hashedPasswordFile; };
+			${userDetails.username} = lib.mkIf config._archetypes.users.primary.enable { inherit hashedPasswordFile; };
+		};
+	};
+}
-- 
cgit v1.2.3