refactor: share rialo user as a reusable nixos module

Extract the per-host rialo user definition into a Snowfall module
(metacfg.user.rialo.enable) so it can be shared across hosts instead of
copy-pasting the file. Enable it on both amd and x1.

modules/nixos/user/rialo/default.nix

@@ -0,0 +1,34 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+with lib;
+with lib.metacfg;
+let
+  cfg = config.metacfg.user.rialo;
+in
+{
+  options.metacfg.user.rialo = with types; {
+    enable = mkBoolOpt false "Whether or not to enable the rialo user.";
+  };
+
+  config = mkIf cfg.enable {
+    users.users.rialo = {
+      isNormalUser = true;
+      home = "/home/rialo";
+      group = "users";
+      shell = pkgs.bash;
+      uid = 1001;
+      extraGroups = [
+        "wheel"
+        "docker"
+        "dialout"
+        "tss"
+      ];
+    };
+
+    nix.settings.trusted-users = [ "rialo" ];
+  };
+}

systems/x86_64-linux/amd/default.nix

@@ -13,7 +13,6 @@ with lib.metacfg;
     ./acme.nix
     ./nginx.nix
     ./opencode.nix
-    ./rialo.nix
   ];
 
   services.rustdesk-server.signal.enable = false;
@@ -44,6 +43,7 @@ with lib.metacfg;
     secureboot.enable = true;
     homeprinter.enable = true;
     build.enable = true;
+    user.rialo.enable = true;
 
     system = {
       limits = {

systems/x86_64-linux/amd/rialo.nix

@@ -1,18 +0,0 @@
-{ pkgs, ... }:
-{
-  users.users.rialo = {
-    isNormalUser = true;
-    home = "/home/rialo";
-    group = "users";
-    shell = pkgs.bash;
-    uid = 1001;
-    extraGroups = [
-      "wheel"
-      "docker"
-      "dialout"
-      "tss"
-    ];
-  };
-
-  nix.settings.trusted-users = [ "rialo" ];
-}

systems/x86_64-linux/x1/default.nix

@@ -53,6 +53,7 @@ with lib.metacfg;
     podman.enable = true;
     secureboot.enable = true;
     homeprinter.enable = true;
+    user.rialo.enable = true;
 
     system = {
       limits = {