feat(users): allow users to be enabled

hosts/shared/users.nix

@@ -5,11 +5,9 @@
 }: let
   inherit (lib) types mkOption;
   createTmpfilesEntries = entries: builtins.attrValues (builtins.mapAttrs (dest: path: "L+ %h/${dest} - - - - ${path}") entries);
-  cfg = config.alqueva.users;
+  users = config.alqueva.users;
 in {
   options.alqueva.users = mkOption {
-    description = "Users to have on the system.";
-    default = {};
     type = types.attrsOf (types.submodule {
       options = {
         tmpfiles = mkOption {
@@ -32,25 +30,30 @@ in {
           default = config.programs.bash.package;
           description = "Shell the user wants to use.";
         };
+        enable = (lib.mkEnableOption "this user.") // {default = true;};
       };
     });
+    description = "Users to have on the system.";
+    default = {};
   };
 
-  config = {
+  config = let
+    enabledUsers = lib.filterAttrs (_: user: user.enable == true) users;
+  in {
     users.users =
-      builtins.mapAttrs (user: ucfg: {
-        description = user;
+      builtins.mapAttrs (un: uc: {
+        description = un;
         isNormalUser = true;
-        extraGroups = ucfg.groups;
-        inherit (ucfg) packages shell;
+        extraGroups = uc.groups;
+        inherit (uc) packages shell;
         initialPassword = "password";
       })
-      cfg;
+      enabledUsers;
 
     systemd.user.tmpfiles.users =
-      builtins.mapAttrs (_: ucfg: {
-        rules = createTmpfilesEntries ucfg.tmpfiles;
+      builtins.mapAttrs (_: uc: {
+        rules = createTmpfilesEntries uc.tmpfiles;
       })
-      cfg;
+      enabledUsers;
   };
 }