From 22030ec205fa7c1e762b7665ec96202340baa26b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Jane=C5=BEi=C4=8D?= <janezic.mj@gmail.com>
Date: Sat, 21 Feb 2026 03:17:29 +0100
Subject: [PATCH] feat: add users/{user}/nixos.nix support

---
 lib/mkHost.nix        |  9 ++++++++-
 users/matej/keys.nix  |  6 ++++++
 users/matej/nixos.nix | 25 +++++++++++++++++++++++++
 3 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 users/matej/keys.nix
 create mode 100644 users/matej/nixos.nix

diff --git a/lib/mkHost.nix b/lib/mkHost.nix
index efd2078..c0e23f4 100644
--- a/lib/mkHost.nix
+++ b/lib/mkHost.nix
@@ -15,8 +15,14 @@ let
   hostHWConfig = ../hosts/${name}/hardware-configuration.nix;
   hasHWConfig = builtins.pathExists hostHWConfig;
 
+  # Load NixOS-level user config (account, groups, SSH keys)
+  userNixosConfigs = map (user: ../users/${user}/nixos.nix) (
+    builtins.filter (user: builtins.pathExists ../users/${user}/nixos.nix) users
+  );
+
+  # Load home-manager user config
   userHMConfigs = nixpkgs.lib.genAttrs users (
-    user: import ../users/${user}/home-manager.nix { inherit inputs; }
+    user: import ../users/${user}/home-manager.nix
   );
 
 in
@@ -31,6 +37,7 @@ nixpkgs.lib.nixosSystem {
     hostConfig
   ]
   ++ nixpkgs.lib.optional hasHWConfig hostHWConfig
+  ++ userNixosConfigs
   ++ [
     inputs.home-manager.nixosModules.home-manager
     {
diff --git a/users/matej/keys.nix b/users/matej/keys.nix
new file mode 100644
index 0000000..4abff00
--- /dev/null
+++ b/users/matej/keys.nix
@@ -0,0 +1,6 @@
+{
+  sshAuthorizedKeys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQGLdINKzs+sEy62Pefng0bcedgU396+OryFgeH99/c janezicmatej"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDk00+Km03epQXQs+xEwwH3zcurACzkEH+kDOPBw6RQe openpgp:0xB095D449"
+  ];
+}
diff --git a/users/matej/nixos.nix b/users/matej/nixos.nix
new file mode 100644
index 0000000..4337655
--- /dev/null
+++ b/users/matej/nixos.nix
@@ -0,0 +1,25 @@
+{
+  lib,
+  config,
+  ...
+}:
+let
+  keys = import ./keys.nix;
+in
+{
+  users.users.matej = {
+    uid = 1000;
+    isNormalUser = true;
+    home = "/home/matej";
+    extraGroups = [
+      "wheel"
+      "docker"
+    ];
+    openssh.authorizedKeys.keys = keys.sshAuthorizedKeys;
+  };
+
+  users.groups.matej = {
+    gid = 1000;
+    members = [ "matej" ];
+  };
+}