feat: start migrating steveej-t14 and sj-vps-htz-0 to sops

nix/os/lib/default.nix

@@ -1,21 +1,9 @@
 {
+  lib,
   keys ? import ../../variables/keys.nix,
-  passwords ? import ../../variables/passwords.crypt.nix,
 }: {
-  mkRoot = {} @ args:
-    {
-      hashedPassword = passwords.users.root;
-      openssh.authorizedKeys.keys = keys.users.steveej.openssh;
-    }
-    // args;
-
-  mkUser = {
-    uid,
-    hashedPassword ? passwords.users.steveej,
-    ...
-  } @ args:
-    {
-      inherit uid hashedPassword;
+  mkUser = args: (
+    lib.attrsets.recursiveUpdate {
       isNormalUser = true;
       extraGroups = [
         "docker"
@@ -32,7 +20,8 @@
       ];
       openssh.authorizedKeys.keys = keys.users.steveej.openssh;
     }
-    // args;
+    args
+  );
 
   disk = rec {
     # TODO: verify the GPT PARTLABEL cap at 36 chars