feat: added user2 and refactored to accommodate

nixos/modules/doas.nix

@@ -1,9 +1,17 @@
-{flake, ...}: let
-  inherit
-    (flake.config.people)
+{ flake, config, ... }:
+let
+  inherit (flake.config.people)
     user0
+    user2
     ;
-in {
+  inherit (flake.config.machines)
+    devices
+    ;
+  hostname = config.networking.hostName;
+  desktop = devices.desktop.name;
+  fallaryn = devices.fallaryn.name;
+in
+{
   security = {
     doas = {
       enable = true;
@@ -12,7 +20,14 @@ in {
           keepEnv = true;
           noPass = true;
           users = [
-            user0
+            (
+              if hostname == desktop then
+                user0
+              else if hostname == fallaryn then
+                user2
+              else
+                ""
+            )
           ];
         }
       ];

nixos/modules/environment.nix

@@ -29,7 +29,7 @@
       USE_WAYLAND_GRIM = "1";
       USE_WAYLAND_CLIPBOARD = "1";
       GTK_THEME = "catppuccin-macchiato-mauve-compact";
-      ANTHROPIC_API_KEY = config.sops.secrets.claude-api-key.path;
+      # ANTHROPIC_API_KEY = config.sops.secrets.claude-api-key.path;
     };
   };
 }

nixos/modules/sops.nix

@@ -1,9 +1,25 @@
-{flake, ...}: let
-  inherit
-    (flake.config.people)
+{ flake, config, ... }:
+let
+  inherit (flake.config.people)
     user0
+    user2
     ;
-in {
+  inherit (flake.config.machines)
+    devices
+    ;
+  hostname = config.networking.hostName;
+  desktop = devices.desktop.name;
+  fallaryn = devices.fallaryn.name;
+
+  userLogic =
+    if hostname == desktop then
+      user0
+    else if hostname == fallaryn then
+      user2
+    else
+      "";
+in
+{
   sops = {
     defaultSopsFile = ../../secrets/secrets.yaml;
     validateSopsFiles = false;
@@ -13,21 +29,21 @@ in {
     };
     secrets = {
       "ssh/private" = {
-        path = "/home/${user0}/.ssh/id_ed25519";
-        owner = user0;
+        path = "/home/${userLogic}/.ssh/id_ed25519";
+        owner = userLogic;
       };
       "ssh/public" = {
-        path = "/home/${user0}/.ssh/id_ed25519.pub";
-        owner = user0;
+        path = "/home/${userLogic}/.ssh/id_ed25519.pub";
+        owner = userLogic;
       };
       "ssh/hosts" = {
-        path = "/home/${user0}/.ssh/known_hosts";
-        owner = user0;
-      };
-      "claude-api-key" = {
-        path = "/home/${user0}/.config/zed/claude-api-key";
-        owner = user0;
+        path = "/home/${userLogic}/.ssh/known_hosts";
+        owner = userLogic;
       };
+      # "claude-api-key" = {
+      #   path = "/home/${user0}/.config/zed/claude-api-key";
+      #   owner = user0;
+      # };
     };
   };
 }

nixos/modules/ssh.nix

@@ -1,14 +1,33 @@
-{flake, ...}: let
-  inherit
-    (flake.config.people)
+{
+  flake,
+  config,
+  ...
+}:
+let
+  inherit (flake.config.people)
     user0
+    user2
     ;
-  inherit
-    (flake.config.people.users.${user0})
+  inherit (flake.config.people.users.${userLogic})
     sshKeys
     ;
-in {
-  users.users.${user0} = {
+  inherit (flake.config.machines)
+    devices
+    ;
+  hostname = config.networking.hostName;
+  desktop = devices.desktop.name;
+  fallaryn = devices.fallaryn.name;
+
+  userLogic =
+    if hostname == desktop then
+      user0
+    else if hostname == fallaryn then
+      user2
+    else
+      "";
+in
+{
+  users.users.${userLogic} = {
     openssh.authorizedKeys.keys = sshKeys;
   };
 }