Pass password hash path via flake

Co-authored-by: ragusa-it <196988693+ragusa-it@users.noreply.github.com>

README.md

@@ -63,7 +63,7 @@ Defaults are set in `flake.nix` and used across modules. Update them there:
 | `time.timeZone` | `America/New_York` | `modules/common.nix` |
 | `i18n.defaultLocale` | `en_US.UTF-8` | `modules/common.nix` |
 
-Also rename the default `hosts/atlas/` directory to match your actual hostname, and ensure the same hostname is set in `flake.nix`.
+Also rename the default `hosts/atlas/` directory to match your actual hostname, and ensure the same hostname is set in `flake.nix` (the flake uses it to locate `hosts/<hostname>/hardware-configuration.nix`).
 
 ### 3. Stage Files in Git
 

flake.nix

@@ -41,7 +41,8 @@
     username = "pinj";
     lib = nixpkgs.lib;
     hostConfig = ./hosts + "/${hostname}/hardware-configuration.nix";
-    specialArgs = { inherit inputs system hostname username; };
+    passwordHashPath = "/etc/nixos/secrets/${username}/password.hash";
+    specialArgs = { inherit inputs system hostname username passwordHashPath; };
 
     # Verify mango flake exports the expected module
     mangoModule = assert lib.hasAttrByPath [ "nixosModules" "mango" ] mango;

modules/common.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, inputs, system, hostname, username, ... }:
+{ config, pkgs, inputs, system, hostname, username, passwordHashPath, ... }:
 
 {
   assertions = [
@@ -118,7 +118,7 @@
     extraGroups = [ "wheel" "networkmanager" "video" "seat" ];
     # IMPORTANT: Generate a password hash with: mkpasswd -m sha-512
     # Save it to the path below (ensure permissions are 600)
-    hashedPasswordFile = "/etc/nixos/secrets/${username}/password.hash";
+    hashedPasswordFile = passwordHashPath;
     packages = with pkgs; [
       # -- Noctalia Shell --
       inputs.quickshell.packages.${system}.default