feat: add users/{user}/nixos.nix support

lib/mkHost.nix

@@ -15,8 +15,14 @@ let
   hostHWConfig = ../hosts/${name}/hardware-configuration.nix;
   hasHWConfig = builtins.pathExists hostHWConfig;
 
+  # Load NixOS-level user config (account, groups, SSH keys)
+  userNixosConfigs = map (user: ../users/${user}/nixos.nix) (
+    builtins.filter (user: builtins.pathExists ../users/${user}/nixos.nix) users
+  );
+
+  # Load home-manager user config
   userHMConfigs = nixpkgs.lib.genAttrs users (
-    user: import ../users/${user}/home-manager.nix { inherit inputs; }
+    user: import ../users/${user}/home-manager.nix
   );
 
 in
@@ -31,11 +37,13 @@ nixpkgs.lib.nixosSystem {
     hostConfig
   ]
   ++ nixpkgs.lib.optional hasHWConfig hostHWConfig
+  ++ userNixosConfigs
   ++ [
     inputs.home-manager.nixosModules.home-manager
     {
       home-manager.useGlobalPkgs = true;
       home-manager.useUserPackages = true;
+      home-manager.backupFileExtension = "backup";
       home-manager.users = userHMConfigs;
       home-manager.extraSpecialArgs = { inherit inputs; };
     }

users/matej/keys.nix

@@ -0,0 +1,6 @@
+{
+  sshAuthorizedKeys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQGLdINKzs+sEy62Pefng0bcedgU396+OryFgeH99/c janezicmatej"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDk00+Km03epQXQs+xEwwH3zcurACzkEH+kDOPBw6RQe openpgp:0xB095D449"
+  ];
+}

users/matej/nixos.nix

@@ -0,0 +1,27 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+let
+  keys = import ./keys.nix;
+in
+{
+  users.users.matej = {
+    uid = 1000;
+    isNormalUser = true;
+    home = "/home/matej";
+    shell = pkgs.zsh;
+    extraGroups = [
+      "wheel"
+      "docker"
+    ];
+    openssh.authorizedKeys.keys = keys.sshAuthorizedKeys;
+  };
+
+  users.groups.matej = {
+    gid = 1000;
+    members = [ "matej" ];
+  };
+}