Complete NixOS rewrite: Transform Omarchy from Arch to declarative NixOS

- Replace shell script-based Arch installation with declarative NixOS configuration
- Implement flake-based architecture for reproducible builds
- Add modular system with feature flags (Docker, gaming, development, etc.)
- Create declarative theme system with Tokyo Night and Catppuccin
- Convert utility scripts to Nix packages with proper derivations
- Add comprehensive development environments (Rust, Go, Python, Node.js, C/C++)
- Implement Home Manager integration for user environment management
- Add interactive installer with theme selection and feature configuration
- Update documentation for NixOS-specific workflows and commands
- Provide atomic updates with rollback capability

This maintains all aesthetic and functional benefits of original Omarchy
while gaining NixOS power: reproducibility, version control, and atomic updates.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

modules/users.nix

@@ -0,0 +1,122 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+  cfg = config.omarchy;
+in
+{
+  # User account configuration
+  users.users.${cfg.user} = {
+    isNormalUser = true;
+    description = "Omarchy User";
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "audio"
+      "video"
+      "docker"
+      "libvirtd"
+      "input"
+      "dialout"
+    ];
+    shell = pkgs.bash;
+
+    # Set initial password (should be changed on first login)
+    initialPassword = "omarchy";
+
+    # SSH keys (add your SSH public keys here)
+    openssh.authorizedKeys.keys = [
+      # "ssh-ed25519 AAAAC3... user@example.com"
+    ];
+  };
+
+  # Additional user-related configurations
+  users = {
+    # Allow users in wheel group to use sudo
+    mutableUsers = true;
+
+    # Default shell
+    defaultUserShell = pkgs.bash;
+  };
+
+  # Security settings for users
+  security.pam.services = {
+    # Enable fingerprint authentication
+    login.fprintAuth = false;
+    sudo.fprintAuth = false;
+
+    # Enable U2F authentication (for YubiKey etc.)
+    login.u2fAuth = false;
+    sudo.u2fAuth = false;
+  };
+
+  # Home directory encryption (optional)
+  # security.pam.enableEcryptfs = true;
+
+  # Automatic login (disable for production)
+  services.xserver.displayManager.autoLogin = {
+    enable = false;
+    user = cfg.user;
+  };
+
+  # User environment
+  environment.systemPackages = with pkgs; [
+    # User management tools
+    shadow
+    passwd
+
+    # Session management
+    loginctl
+
+    # User info
+    finger_bsd
+    id-utils
+  ];
+
+  # User-specific services
+  systemd.user.services = {
+    # Example: Syncthing for the user
+    # syncthing = {
+    #   description = "Syncthing for ${cfg.user}";
+    #   wantedBy = [ "default.target" ];
+    #   serviceConfig = {
+    #     ExecStart = "${pkgs.syncthing}/bin/syncthing serve --no-browser --no-restart --logflags=0";
+    #     Restart = "on-failure";
+    #     RestartSec = 10;
+    #   };
+    # };
+  };
+
+  # Shell initialization for all users
+  programs.bash.interactiveShellInit = ''
+    # User-specific aliases
+    alias profile='nvim ~/.bashrc'
+    alias reload='source ~/.bashrc'
+
+    # Safety aliases
+    alias rm='rm -i'
+    alias cp='cp -i'
+    alias mv='mv -i'
+
+    # Directory shortcuts
+    alias home='cd ~'
+    alias downloads='cd ~/Downloads'
+    alias documents='cd ~/Documents'
+    alias projects='cd ~/Projects'
+
+    # Create standard directories if they don't exist
+    mkdir -p ~/Downloads ~/Documents ~/Projects ~/Pictures ~/Videos ~/Music
+  '';
+
+  # XDG Base Directory specification
+  environment.variables = {
+    XDG_CACHE_HOME = "$HOME/.cache";
+    XDG_CONFIG_HOME = "$HOME/.config";
+    XDG_DATA_HOME = "$HOME/.local/share";
+    XDG_STATE_HOME = "$HOME/.local/state";
+  };
+
+  # User quotas (optional)
+  # fileSystems."/home".options = [ "usrquota" ];
+}