logins/default.nix

@@ -7,11 +7,10 @@ in
   flake = {
     logins = {
       admins = admins;
-      wireguardDevices =
+      wireguardDevices = lib.lists.foldl (
-        lib.lists.foldl
+        wireguardDevices: adminConfig:
-          (wireguardDevices: adminConfig: wireguardDevices ++ (if adminConfig ? "wireguardDevices" then adminConfig.wireguardDevices else [ ]))
+        wireguardDevices ++ (if adminConfig ? "wireguardDevices" then adminConfig.wireguardDevices else [ ])
-          [ ]
+      ) [ ] (lib.attrsets.attrValues admins);
-          (lib.attrsets.attrValues admins);
       robots.sshPubKeys = lib.attrsets.attrValues robots;
     };
   };

modules/core/users.nix

@@ -31,8 +31,12 @@
     };
 
   config = {
-    users.users = (lib.attrsets.foldlAttrs
+    users.users =
-      (acc: name: value: acc // { ${name} = {
+      (lib.attrsets.foldlAttrs (
+        acc: name: value:
+        acc
+        // {
+          ${name} = {
             name = name;
             group = name;
             extraGroups = [
@@ -42,9 +46,8 @@
             isNormalUser = true;
             openssh.authorizedKeys.keys = lib.attrsets.attrValues value.sshPubKeys;
           };
-      })
+        }
-      { }
+      ) { } flake.self.logins.admins)
-      flake.self.logins.admins)
       // {
         # TODO: Remove when we stop locking ourselves out.
         root.openssh.authorizedKeys.keys = config.pub-solar-os.authentication.sshPubKeys;
@@ -62,10 +65,11 @@
         };
       };
 
-    users.groups = (lib.attrsets.foldlAttrs
+    users.groups =
-      (acc: name: value: acc // { "${name}" = { }; })
+      (lib.attrsets.foldlAttrs (
-      { }
+        acc: name: value:
-      flake.self.logins.admins)
+        acc // { "${name}" = { }; }
+      ) { } flake.self.logins.admins)
       // {
         ${config.pub-solar-os.authentication.robot.username} = { };
       };