cleanup

systems/aarch64-linux/pi4/default.nix

@@ -87,7 +87,7 @@ in
       "${user}" = {
         isNormalUser = true;
         # hashedPasswordFile = password;
-        password = "BogieDudie1";
+        password = lib.mkForce "BogieDudie1";
         extraGroups = [
           "wheel"
           "docker"

systems/aarch64-linux/pi4/sops.nix

@@ -1,10 +1,10 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "matt";
 in
 {
   sops = {
-    defaultSopsFile = ../../../secrets/pi4-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/pi4-secrets.yaml;
 #    age = {
 #      generateKey = true;
 #      sshKeyPaths = [ "/etc/ssd/ssh_host_ed25519_key" ];

systems/aarch64-linux/pi5/default.nix

@@ -91,7 +91,7 @@ in
     users."${user}" = {
       isNormalUser = true;
 #      hashedPasswordFile = password;
-      password = "BogieDudie1";
+      password = lib.mkForce "BogieDudie1";
       extraGroups = [
         "wheel"
         "docker"

systems/aarch64-linux/pi5/sops.nix

@@ -1,10 +1,10 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "matt";
 in
 {
   sops = {
-    defaultSopsFile = ../../../secrets/pi5-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/pi5-secrets.yaml;
     # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
     age.keyFile = "/home/matt/.config/sops/age/keys.txt";
 

systems/x86_64-linux/desktop/sops.nix

@@ -20,7 +20,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = desktopSopsFile;
+    defaultSopsFile = lib.mkForce desktopSopsFile; # todo
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

systems/x86_64-linux/desktop/users.nix

@@ -1,9 +1,9 @@
-{ config, namespace, ... }:
+{ config, namespace, lib, ... }:
 let
   passwordFile = config.sops.secrets."desktop/matt_password".path;
 in 
 {
   ${namespace}.user = {
-    passwordFile = passwordFile;
+    passwordFile = lib.mkForce passwordFile;
   };
 }

systems/x86_64-linux/nas/sops.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "nix-apps";
 in
@@ -18,7 +18,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = ../../../secrets/nas-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/nas-secrets.yaml;
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

systems/x86_64-linux/nas/users.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ pkgs, config, lib, ... }:
 let
   user = "admin";
   passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
@@ -31,7 +31,7 @@ in
         "62900"
         "1001"
       ];
-      hashedPasswordFile = passwordFile;
+      hashedPasswordFile = lib.mkForce passwordFile;
       shell = pkgs.zsh;
       packages = with pkgs; [
         cachix

systems/x86_64-linux/nuc/sops.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, lib, ... }:
 let
   user = "nix-apps";
 in
@@ -18,7 +18,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = ../../../secrets/nuc-secrets.yaml;
+    defaultSopsFile = lib.mkForce ../../../secrets/nuc-secrets.yaml;
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------

systems/x86_64-linux/nuc/users.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ pkgs, lib, ... }:
 let
   user = "admin";
   # passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
@@ -22,7 +22,7 @@ in
           "libvirtd"
         ];
         # hashedPasswordFile = passwordFile;
-        password = "BogieDudie1";
+        password = lib.mkForce "BogieDudie1";
         shell = pkgs.zsh;
         packages = with pkgs; [
         ];

systems/x86_64-linux/steamdeck/configuration.nix

@@ -30,9 +30,7 @@
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users = {
     deck = {
-      hashedPasswordFile = config.sops.secrets."steamdeck/deck-password".path;
-      isNormalUser = true;
-      extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+      hashedPasswordFile = lib.mkForce config.sops.secrets."steamdeck/deck-password".path;
       openssh.authorizedKeys.keys = [
         # macBook
         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCw9zq8DLGByI5v2gAn95hKNyOsm3g61a2buxu2BBMFysQJgmZPCCLUqRJKhSM5Vm/JOgsAmdpRBRZQoHD+6S844CJHb4v4VIbjkyQgYCuM7Rst2IOZ5QybvsA2/D0nwytZ+HXQqDj2AagUYDbz0gyyIHkDQ5YGBMkvkWz/h1Vci6aoBM7VihEDM4KlWoTVuPeASGM8r5IZ2FS83Djbqo4ov6AYvLMrKB9Z7hmFgH6R3LE0gxOkzbGVXtSuvJyrjvgytoT22UhATjjxSQ9D+YJXXkQoB3lUdg8OoIquUPjMZpl4mR8ffvseWPfcvD1XlD5t+TOHFqKpESO547tlOBYhdpew+NSgAXpamCU6oyV8tDCywLQu2ucxHRn78u6WXzWHkDtffdhzmk6TZaPhWqVHuTGjR4higBgGqUfSaKOMszt+FDRZAr3HtuQ2+zJ8bowK9fW5OqilTtK2HtQqroD9ApegDNbqOz6kGy5IycSXvqPURy/M4lxZxbtBPuemcJs= mattjallen@MacBook-Pro.local"
@@ -41,11 +39,6 @@
         # desktop nixos
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
       ];
-      packages = with pkgs; [
-        firefox
-        tree
-      ];
-      shell = lib.mkForce pkgs.zsh;
     };
   };
 

systems/x86_64-linux/steamdeck/default.nix

@@ -34,5 +34,6 @@
     user = {
       name = "deck";
     };
+    network.hostName = "steamdeck";
   };
 }

systems/x86_64-linux/steamdeck/sops.nix

@@ -18,7 +18,7 @@ in
   # Either the group id or group name representation of the secret group
   # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
   sops = {
-    defaultSopsFile = (lib.snowfall.fs.get-file "secrets/steamdeck-secrets.yaml");
+    defaultSopsFile = lib.mkForce (lib.snowfall.fs.get-file "secrets/steamdeck-secrets.yaml");
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
     # ------------------------------