From 862500095229ae20ec72e4059b60b6590e0cf417 Mon Sep 17 00:00:00 2001
From: yukkop <hectic.yukkop@gmail.com>
Date: Wed, 27 May 2026 12:54:15 +0000
Subject: [PATCH] feat: `matrix-cluster`: shared users

---
 nixos/module/generic/matrix-cluster-users.nix | 70 +++++++++----------
 sus/matrix-cluster.yaml                       |  6 +-
 2 files changed, 36 insertions(+), 40 deletions(-)

diff --git a/nixos/module/generic/matrix-cluster-users.nix b/nixos/module/generic/matrix-cluster-users.nix
index 0e3201f..796f4ec 100644
--- a/nixos/module/generic/matrix-cluster-users.nix
+++ b/nixos/module/generic/matrix-cluster-users.nix
@@ -3,46 +3,40 @@
   flake,
   self,
 }: {
+  lib,
   config,
   ...
-}: {
-  hectic.generic.matrix-cluster.users = {
-    yukkop = {
-      passwordFile = config.sops.secrets."matrix/users/yukkop/password".path;
-      admin = true;
-    };
-    liquiz = {
-      passwordFile = config.sops.secrets."matrix/users/liquiz/password".path;
-    };
-    vismajor = {
-      passwordFile = config.sops.secrets."matrix/users/vismajor/password".path;
-    };
-    lvgkcfjl = {
-      passwordFile = config.sops.secrets."matrix/users/lvgkcfjl/password".path;
-    };
-  };
+}: let
+  userNames = [
+    "yukkop"
+    "liquiz"
+    "vismajor"
+    "lvgkcfjl"
+    "MrAlex0O"
+    "Антоша"
+  ];
 
-  sops.secrets."matrix/users/yukkop/password" = {
-    key      = "matrix/users/yukkop/password";
-    owner    = "matrix-synapse";
-    sopsFile = "${flake}/sus/matrix-cluster.yaml";
-  };
+  adminNames = [ "yukkop" ];
+in {
+  hectic.generic.matrix-cluster.users = builtins.listToAttrs (
+    map (name: {
+      inherit name;
+      value = {
+        passwordFile = config.sops.secrets."matrix/users/${name}/password".path;
+      } // lib.optionalAttrs (builtins.elem name adminNames) {
+        admin = true;
+      };
+    }) userNames
+  );
 
-  sops.secrets."matrix/users/liquiz/password" = {
-    key      = "matrix/users/liquiz/password";
-    owner    = "matrix-synapse";
-    sopsFile = "${flake}/sus/matrix-cluster.yaml";
-  };
-
-  sops.secrets."matrix/users/vismajor/password" = {
-    key      = "matrix/users/vismajor/password";
-    owner    = "matrix-synapse";
-    sopsFile = "${flake}/sus/matrix-cluster.yaml";
-  };
-
-  sops.secrets."matrix/users/lvgkcfjl/password" = {
-    key      = "matrix/users/lvgkcfjl/password";
-    owner    = "matrix-synapse";
-    sopsFile = "${flake}/sus/matrix-cluster.yaml";
-  };
+  sops.secrets = builtins.listToAttrs (
+    map (name: {
+      name = "matrix/users/${name}/password";
+      value = {
+        key      = "matrix/users/${name}/password";
+        owner    = "matrix-synapse";
+        sopsFile = "${flake}/sus/matrix-cluster.yaml";
+      };
+    }) userNames
+  );
 }
diff --git a/sus/matrix-cluster.yaml b/sus/matrix-cluster.yaml
index 9c6309e..3d38072 100644
--- a/sus/matrix-cluster.yaml
+++ b/sus/matrix-cluster.yaml
@@ -20,6 +20,8 @@ matrix:
             password: ENC[AES256_GCM,data:gM2BV4xD2lZ860c7VSYRlcgFIwyD,iv:pMb0dzCfYcsrx4ReeI4/4jsCoUj+BKucP9eOFag+vWI=,tag:dPVvXIWOqPi0yAxjmaPE8g==,type:str]
         MrAlex0O:
             password: ENC[AES256_GCM,data:aq6wYy1OxXPmHVdE926Q79pARzwaKX1ieE0=,iv:vNV0Gm2DlgLuZpEDm1q4+iltNJOtRechdaXUNfDrfpc=,tag:bECr7NWnOEv7DgZ7OIQMcg==,type:str]
+        Антоша:
+            password: ENC[AES256_GCM,data:oblXjZPkwUkFYQSbSlhhZDAv4sn4ly9auMuaUA==,iv:+uf2K4G9Dqblqy9yXzYFwnWPHnnd1tKPPZ+B9ysVZXc=,tag:DEP9rSGP1kYmLRLWTODzGw==,type:str]
 sops:
     age:
         - recipient: age1x04u7ftjgx8de2gq596e7frauze764cmn7jjwqnx8szthvfft5qq0tezx6
@@ -85,7 +87,7 @@ sops:
             cGtrUDRlUUliSVVjU1o4VUVMOE0ySFEKnjBAqifgYnaJ6LPWzDcopqQxUJ0d9vhe
             F2fIVq8LmO0Nuu7JMhJAvTJgkEyVUAQVTTAtrnhUf2RmILOb72BTKQ==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2026-05-27T12:39:42Z"
-    mac: ENC[AES256_GCM,data:CkFer6IhVGIER25iO/WYMBvmsjtsV0K5c0zT/iZKrkeMBY+k8mHdZe/5eMpvx11Wl1kIL+o1oxUf+/VDw1q+gkXCrDIAhqyAVe6szYVpU04X0sYmSiZvFVtiAGDblOw2SrCIP7XATwBYFsPqBULhpnajMOTnRAUnuWxPLAdRuxM=,iv:VY1AGatQ1TnbypEpw/lx/C3bQbpqRqzYG6NYQMSOYPE=,tag:3Iy/3RHoRegUhlHzrlcrVQ==,type:str]
+    lastmodified: "2026-05-27T12:45:32Z"
+    mac: ENC[AES256_GCM,data:a0Tr6uAP8tPma7ErK57L4pJUMp29e4+Q+HzsZjGVhIonpmlhAkBDUZz4Mny7kAb9HHW8TKUzsTkvp/PV/hi3EG7OAYQk00D976bDvbMo6bwm/IXFjS9G0ecrN8x+tR8huaApiQyZCseU2I8JtzyFVBIrOsDUFzwUIPbNtmE50h8=,iv:fSB0ATCYdR/Ldsh353OquCFE3IGW64g9qNW5EOXd/1w=,tag:W+6gVxon6xL/LtgYKF/Cxw==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2