# hosts/common/users/m3tam3re.nix — Central user definition with m3ta-home integration. # # This module: # 1. Creates the m3tam3re NixOS user # 2. Loads the m3ta-home profile system via mkHome # 3. Sets per-host feature flags based on a host profile mapping # 4. Imports per-host home.nix overrides (monitors, HW-specific config) # # To add a new host: # 1. Add entry to hostProfiles below # 2. Add feature flags in the hostFlags section # 3. Create hosts//home.nix if the host needs overrides (monitors, etc.) { config, pkgs, inputs, ... }: let hostname = config.networking.hostName; # ── Per-host profile mapping ── # Determines which m3ta-home context and sets each host gets. hostProfiles = { # ── Server hosts ── AZ-CLD-1 = { context = "server"; sets = []; }; AZ-PRM-1 = { context = "server"; sets = []; }; }; profile = hostProfiles.${ hostname } or { context = "server"; sets = []; }; m3ta-lib = inputs.m3ta-home.lib; # Check if a per-host home.nix exists hostHomeFile = ./../../${hostname}/home.nix; hostHomeExists = builtins.pathExists hostHomeFile; # ── Per-host feature flags ── # These enable/disable specific m3ta-home modules per host. hostFlags = if hostname == "AZ-CLD-1" then { # Full desktop workstation base = { shell = { fish.enable = true; nushell.enable = true; starship.enable = true; }; cliTools = { fzf.enable = true; nitch.enable = true; television.enable = true; }; secrets.enable = true; }; } else { # m3-helios, m3-hermes, m3-aether — minimal server base = { shell = { fish.enable = true; starship.enable = true; }; cliTools = { fzf.enable = true; nitch.enable = true; }; }; }; in { # ── NixOS user definition ── users.users."sascha.koenig" = { hashedPassword = "$y$j9T$ORX4btVZgs9Xjq2oIvzJm0$lXiPwaa0D6t.eMDIx1UBesEAMOkWXBoGwpeI7X0aS8D"; isNormalUser = true; shell = pkgs.nushell; extraGroups = [ "wheel" "networkmanager" "libvirtd" "flatpak" "plugdev" "input" "kvm" "qemu-libvirtd" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZbg/Z9mnflXuLahGY8WOSBMqbgeqVIkIwRkquys1Ml sascha.koenig@azintec.com" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@MBP-Sascha.fritz.box" ]; packages = [inputs.home-manager.packages.${pkgs.stdenv.hostPlatform.system}.default]; }; # ── Home-Manager configuration via m3ta-home ── home-manager.users."sascha.koenig" = { home.stateVersion = "25.11"; imports = [ # Load m3ta-home composition engine (m3ta-lib.mkHome { user = "m3tam3re"; identity = "work"; inherit (profile) context sets; }) # Per-host feature flags hostFlags ] # Per-host home.nix (Hyprland monitors, XDG/MIME, HW-specific overrides) ++ ( if hostHomeExists then [hostHomeFile] else [] ); }; }