From 23360377cfbc8548fb80665f51f9b136efb98e44 Mon Sep 17 00:00:00 2001
From: a-kenji
Date: Sun, 2 Feb 2025 12:38:15 +0700
Subject: [PATCH] clanModules/root-password: Add `inventory` feature
---
 clanModules/root-password/README.md | 2 ++
 clanModules/root-password/default.nix | 37 +++------------------
 clanModules/root-password/roles/default.nix | 35 +++++++++++++++++++
 3 files changed, 41 insertions(+), 33 deletions(-)
 create mode 100644 clanModules/root-password/roles/default.nix
diff --git a/clanModules/root-password/README.md b/clanModules/root-password/README.md
index 982426c73..63baf43e1 100644
--- a/clanModules/root-password/README.md
+++ b/clanModules/root-password/README.md
@@ -1,5 +1,7 @@
 ---
 description = "Automatically generates and configures a password for the root user."
+categories = ["System"]
+features = [ "inventory" ]
 ---
 After the system was installed/deployed the following command can be used to display the root-password:
diff --git a/clanModules/root-password/default.nix b/clanModules/root-password/default.nix
index 9b45cba1e..ed6af3368 100644
--- a/clanModules/root-password/default.nix
+++ b/clanModules/root-password/default.nix
@@ -1,35 +1,6 @@
+# Dont import this file
+# It is only here for backwards compatibility.
+# Dont author new modules with this file.
 {
- pkgs,
- config,
- ...
-}:
-{
- users.mutableUsers = false;
- users.users.root.hashedPasswordFile =
- config.clan.core.vars.generators.root-password.files.password-hash.path;
-
- clan.core.vars.generators.root-password = {
- files.password-hash = {
- neededFor = "users";
- };
- migrateFact = "root-password";
- runtimeInputs = [
- pkgs.coreutils
- pkgs.mkpasswd
- pkgs.xkcdpass
- ];
- prompts.password.type = "hidden";
- prompts.password.persist = true;
- prompts.password.description = "You can autogenerate a password, if you leave this prompt blank.";
-
- script = ''
- prompt_value=$(cat $prompts/password)
- if [[ -n ''${prompt_value-} ]]; then
- echo $prompt_value | tr -d "\n" > $out/password
- else
- xkcdpass --numwords 3 --delimiter - --count 1 | tr -d "\n" > $out/password
- fi
- mkpasswd -s -m sha-512 < $out/password | tr -d "\n" > $out/password-hash
- '';
- };
+ imports = [ ./roles/default.nix ];
 }
diff --git a/clanModules/root-password/roles/default.nix b/clanModules/root-password/roles/default.nix
new file mode 100644
index 000000000..9b45cba1e
--- /dev/null
+++ b/clanModules/root-password/roles/default.nix
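Review bot: The three header comments added to `clanModules/root-password/default.nix` tell readers not to import the file but never say what to use instead, and "Dont" is missing its apostrophe in both places. Assuming the role under `./roles/default.nix` is the intended replacement, I would write `# Don't import this file; use ./roles/default.nix (inventory role) instead.` and `# Don't author new modules with this file.` so the compatibility shim points at its successor.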
@@ -0,0 +1,35 @@
+{
+ pkgs,
+ config,
+ ...
+}:
+{
+ users.mutableUsers = false;
+ users.users.root.hashedPasswordFile =
+ config.clan.core.vars.generators.root-password.files.password-hash.path;
+
+ clan.core.vars.generators.root-password = {
+ files.password-hash = {
+ neededFor = "users";
+ };
+ migrateFact = "root-password";
+ runtimeInputs = [
+ pkgs.coreutils
+ pkgs.mkpasswd
+ pkgs.xkcdpass
+ ];
+ prompts.password.type = "hidden";
+ prompts.password.persist = true;
+ prompts.password.description = "You can autogenerate a password, if you leave this prompt blank.";
+
+ script = ''
+ prompt_value=$(cat $prompts/password)
+ if [[ -n ''${prompt_value-} ]]; then
+ echo $prompt_value | tr -d "\n" > $out/password
+ else
+ xkcdpass --numwords 3 --delimiter - --count 1 | tr -d "\n" > $out/password
+ fi
+ mkpasswd -s -m sha-512 < $out/password | tr -d "\n" > $out/password-hash
+ '';
+ };
+}
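Review bot: In the generator `script`, `echo $prompt_value | tr -d "\n" > $out/password` expands the typed password unquoted, so runs of whitespace collapse, glob characters can expand against the working directory, and a value such as `-n` or `-e` is taken as an echo option. The stored password and the hash derived from it can then differ from what the operator entered at the hidden prompt. The lines appear to be carried over unchanged from the old `default.nix`, but the move is a good moment to switch to `printf '%s' "$prompt_value" | tr -d "\n" > "$out"/password` and to quote the path in `cat "$prompts"/password`. Separately, the blank-prompt fallback `xkcdpass --numwords 3` gives a fairly short passphrase for a root account whose hash is produced with `-m sha-512`; more words would help if offline guessing against a leaked hash is in scope.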