docs: add clan modules readme support

clanModules/root-password/README.md

@@ -0,0 +1,13 @@
+## Usage
+
+!!! tip "This module sets the password for the root user (automatically)."
+
+After the system was installed/deployed the following command can be used to display the root-password:
+
+```bash
+clan secrets get {machine_name}-password
+```
+
+---
+
+See also: [Facts / Secrets](../../getting-started/secrets.md)

clanModules/root-password/default.nix

@@ -0,0 +1,20 @@
+{ pkgs, config, ... }:
+{
+  users.mutableUsers = false;
+  users.users.root.hashedPasswordFile =
+    config.clanCore.facts.services.root-password.secret.password-hash.path;
+  sops.secrets."${config.clanCore.machineName}-password-hash".neededForUsers = true;
+  clanCore.facts.services.root-password = {
+    secret.password = { };
+    secret.password-hash = { };
+    generator.path = with pkgs; [
+      coreutils
+      xkcdpass
+      mkpasswd
+    ];
+    generator.script = ''
+      xkcdpass --numwords 3 --delimiter - --count 1 > $secrets/password
+      cat $secrets/password | mkpasswd -s -m sha-512 > $secrets/password-hash
+    '';
+  };
+}