From c84e2553801f93035e2d827f7fae83fd95d45a2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= <nikodem@rabulinski.com>
Date: Mon, 22 Jan 2024 20:36:50 +0100
Subject: [PATCH] settei/sane-defaults: move openssh.authorizedKeys from linux
 to shared options

---
 modules/system/settei/sane-defaults.nix | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/modules/system/settei/sane-defaults.nix b/modules/system/settei/sane-defaults.nix
index 5b7d26f..80b473c 100644
--- a/modules/system/settei/sane-defaults.nix
+++ b/modules/system/settei/sane-defaults.nix
@@ -1,9 +1,11 @@
 {isLinux}: {
   config,
   lib,
-  username,
   ...
 } @ args: let
+  cfg = config.settei.sane-defaults;
+  inherit (config.settei) username;
+
   options = {
     settei.sane-defaults = with lib; {
       enable = mkEnableOption "Personal sane defaults (but they should make sense for anyone)";
@@ -19,8 +21,6 @@
   };
 
   sharedConfig = let
-    cfg = config.settei;
-    inherit (cfg) username;
     adminNeedsPassword = isLinux -> config.security.sudo.wheelNeedsPassword;
   in {
     _module.args = {
@@ -38,6 +38,15 @@
     # Flakes are unusable without git present so pull it into the environment by default
     settei.user.config.programs.git.enable = lib.mkDefault true;
 
+    # FIXME: Move to common
+    users.users.${username}.openssh.authorizedKeys.keys = let
+      configName' =
+        args.configurationName
+        or (throw "pass configurationName to module arguments or set users.users.${username}.openssh.authorizedKeys yourself");
+      filteredKeys = lib.filterAttrs (name: _: name != configName') cfg.allSshKeys;
+    in
+      lib.mkDefault (lib.attrValues filteredKeys);
+
     nix = {
       settings = {
         experimental-features = ["nix-command" "flakes" "repl-flake" "auto-allocate-uids"];
@@ -62,13 +71,13 @@
   };
 
   linuxConfig = lib.optionalAttrs isLinux (let
-    cfg = config.settei.sane-defaults;
     nmEnabled = config.networking.networkmanager.enable;
   in {
     hardware.enableRedistributableFirmware = true;
 
     services.openssh.enable = true;
     programs.mosh.enable = lib.mkDefault true;
+    programs.git.enable = lib.mkDefault true;
 
     users = {
       mutableUsers = false;
@@ -77,14 +86,6 @@
         home = "/home/${username}";
         group = username;
         extraGroups = ["wheel"];
-        # FIXME: Move to common
-        openssh.authorizedKeys.keys = let
-          configName' =
-            args.configurationName
-            or (throw "pass configurationName to module arguments or set users.users.${username}.openssh.authorizedKeys yourself");
-          filteredKeys = lib.filterAttrs (name: _: name != configName') cfg.allSshKeys;
-        in
-          lib.mkDefault (lib.attrValues filteredKeys);
       };
       groups.${username} = {};
     };