multi-user toggle init

2026-01-16 10:19:36 -06:00
parent 597f9ee5b8
commit 4e835aca1b
31 changed files with 304 additions and 119 deletions
--- a/modules/services/printing.nix
+++ b/modules/services/printing.nix
@@ -13,7 +13,12 @@ in
 {
  options.my.services.printing.enable = lib.mkEnableOption "printing services and drivers";
  config = lib.mkIf config.my.services.printing.enable {
-    users.users.jawz.packages = [ pkgs.simple-scan ];
+    users.users = let
+      users = if lib.isString config.my.toggleUsers.services then [ config.my.toggleUsers.services ] else config.my.toggleUsers.services;
+      packages = [ pkgs.simple-scan ];
+    in lib.mkMerge (map (user: {
+      ${user}.packages = packages;
+    }) users);
    services.printing = {
      enable = true;
      drivers = printingDrivers;
--- a/modules/services/syncthing.nix
+++ b/modules/services/syncthing.nix
@@ -16,26 +16,32 @@ in
 {
  options.my.services.syncthing.enable = lib.mkEnableOption "Syncthing file synchronization";
  config = lib.mkIf (config.my.services.syncthing.enable && config.my.secureHost) {
-    sops.secrets = {
+    sops.secrets = let
+      # Syncthing runs as a single user service, so use the first user if a list is provided
+      user = if lib.isString config.my.toggleUsers.services then config.my.toggleUsers.services else (lib.head config.my.toggleUsers.services);
+    in {
      "syncthing_keys/${hostName}" = {
        sopsFile = ../../secrets/keys.yaml;
-        owner = config.users.users.jawz.name;
-        inherit (config.users.users.jawz) group;
-        path = "/home/jawz/.config/syncthing/key.pem";
+        owner = config.users.users.${user}.name;
+        inherit (config.users.users.${user}) group;
+        path = "/home/${user}/.config/syncthing/key.pem";
      };
      "syncthing_certs/${hostName}" = {
        sopsFile = ../../secrets/keys.yaml;
-        owner = config.users.users.jawz.name;
-        inherit (config.users.users.jawz) group;
-        path = "/home/jawz/.config/syncthing/cert.pem";
+        owner = config.users.users.${user}.name;
+        inherit (config.users.users.${user}) group;
+        path = "/home/${user}/.config/syncthing/cert.pem";
      };
      "syncthing_password" = {
        sopsFile = ../../secrets/keys.yaml;
      };
    };
-    services.syncthing = {
+    services.syncthing = let
+      # Syncthing runs as a single user service, so use the first user if a list is provided
+      user = if lib.isString config.my.toggleUsers.services then config.my.toggleUsers.services else (lib.head config.my.toggleUsers.services);
+    in {
      enable = true;
-      user = "jawz";
+      user = user;
      group = "users";
      overrideDevices = true;
      overrideFolders = true;
@@ -50,7 +56,7 @@ in
          globalAnnounceEnabled = false;
        };
        gui = {
-          user = "jawz";
+          user = if lib.isString config.my.toggleUsers.services then config.my.toggleUsers.services else (lib.head config.my.toggleUsers.services);
          password = config.sops.secrets.syncthing_password.path;
        };
        devices = {