max/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

241 current 1970-01-01 01:00:00 24.05.20240316.c75037b 6.6.22 *

Browse Source
This commit is contained in:
Max Känner 2024-03-18 10:22:56 +01:00
parent d9bf9363bb
commit 267616cc4e
3 changed files with 63 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/MaxNixosLaptop/configuration.nix
View File

@ -13,6 +13,7 @@
# script for rebuilding nixos
../../modules/nixos/rebuild.nix
../../modules/nixos/wifi.nix
../../modules/nixos/sops.nix
# greetd login manager
../../modules/nixos/greetd.nix
# sway as window manager

19
modules/nixos/sops.nix Normal file
View File

@ -0,0 +1,19 @@
{sops, ...}: {
sops = {
age.keyFile = /home/max/.config/sops/age/keys.txt;
secrets = {
"home/ssid" = {
sopsFile = ../../secrets/wifi.yaml;
};
"home/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
"eduroam/ident" = {
sopsFile = ../../secrets/wifi.yaml;
};
"eduroam/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
};
};
}

109
modules/nixos/wifi.nix
View File

@ -3,78 +3,55 @@
pkgs,
...
}: {
sops.age.keyFile = /home/max/.config/sops/age/keys.txt;
sops.secrets."home/ssid" = {
sopsFile = ../../secrets/wifi.yaml;
};
sops.secrets."home/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
sops.secrets."eduroam/ident" = {
sopsFile = ../../secrets/wifi.yaml;
};
sops.secrets."eduroam/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
sops.templates."eduroam.nmconnection".content = ''
[connection]
id=eduroam
type=wifi
sops.templates = let
placeholder = config.sops.placeholder;
in {
"home.nmconnection".content = ''
[connection]
id=${placeholder."home/ssid"}
type=wifi
[wifi]
mode=infrastructure
ssid=eduroam
[wifi]
mode=infrastructure
ssid=${placeholder."home/ssid"}
[wifi-security]
auth-alg=open
key-mgmt=wpa-eap
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."home/psk"}
'';
"eduroam.nmconnection".content = ''
[connection]
id=eduroam
type=wifi
[802-1x]
anonymous-identity=anonymous@uni-hannover.de
ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt}
domain-suffix-match=radius-dfn.luis.uni-hannover.de
eap=ttls;
identity=${config.sops.placeholder."eduroam/ident"}
password=${config.sops.placeholder."eduroam/psk"}
phase2-auth=mschapv2
'';
environment.etc."NetworkManager/system-connections/eduroam.nmconnection".source = config.sops.templates."eduroam.nmconnection".path;
[wifi]
mode=infrastructure
ssid=eduroam
[wifi-security]
auth-alg=open
key-mgmt=wpa-eap
[802-1x]
anonymous-identity=anonymous@uni-hannover.de
ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt}
domain-suffix-match=radius-dfn.luis.uni-hannover.de
eap=ttls;
identity=${placeholder."eduroam/ident"}
password=${placeholder."eduroam/psk"}
phase2-auth=mschapv2
'';
};
environment.etc = let
template = config.sops.templates;
base = "NetworkManager/system-connections";
in {
"${base}/home.nmconnection".source = template."home.nmconnection".path;
"${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path;
};
networking.networkmanager = {
enable = true;
ensureProfiles.profiles = {
home = {
connection = {
id = "Please Hack";
type = "wifi";
};
wifi = {
mode = "infrastructure";
ssid = "Please Hack";
};
wifi-security = {
key-mgmt = "wpa-psk";
};
};
eduroam = {
connection = {
id = "eduroam";
type = "wifi";
};
wifi = {
mode = "infrastructure";
ssid = "eduroam";
};
wifi-security = {
key-mgmt = "wpa-eap";
};
"802-1x" = {
anonymous-identity = "anonymous@uni-hannover.de";
ca-cert = "${./T-TeleSec_GlobalRoot_Class_2.crt}";
domain-suffix-match = "radius-dfn.luis.uni-hannover.de";
eap = "ttls;";
phase2-auth = "mschapv2";
};
};
luhbotsNet5 = {
connection = {
id = "luhbotsNet5";