From 44e5d0819f64bd8b33297c3dd5082f8cebcfe79d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Max=20K=C3=A4nner?= Date: Fri, 15 Mar 2024 14:55:18 +0100 Subject: [PATCH] 234 current 1970-01-01 01:00:00 24.05.20240312.0ad13a6 6.6.21 * --- .../nixos/T-TeleSec_GlobalRoot_Class_2.crt | Bin 0 -> 967 bytes modules/nixos/wifi.nix | 69 +++++++++++++++++- secrets/wifi.yaml | 18 ++++- 3 files changed, 82 insertions(+), 5 deletions(-) create mode 100644 modules/nixos/T-TeleSec_GlobalRoot_Class_2.crt diff --git a/modules/nixos/T-TeleSec_GlobalRoot_Class_2.crt b/modules/nixos/T-TeleSec_GlobalRoot_Class_2.crt new file mode 100644 index 0000000000000000000000000000000000000000..0911a562934374fbb203efb9d9d94edf0eb1d0b3 GIT binary patch literal 967 zcmXqLVm@rp#I$+=GZP~d6CHzYMDH8?d{!96EGDKRG~KOd+nC$YF#!N@>PoY%m@ z(7?dZ(7?pN&?HKn*Vq`uH8M7}G_{Nx9FA;aR6-6sMpg#qCPsb+gC<5UrY1&4hE?&m zq~l){PkeeS=F6gI?oU5wgeI`cGA-FWJMyz!*Lst+e|Qhw^pJd)*?&^ukK!tJ$+sI~ z)}$Vff6G);U85^~ZP(6*LlRA5Ex*z>a2yL!ZhUffr>Ffl|2%UK4GaFG`<`bM{I#6! zd+GR$i2SbH zFE>x`t217jH>LT5$uGs#ulkA>*e|(f5dFT*H*0FNv&#wrQJJTV;YVkDe8#3Rah1Z+ z?ZIk+&YQRer$#(Hz+ZOrKyOXs=c0mn`TwN)ZpND)+mvrov(Ll-QIzHN8*?k>&2O_~ zj+5+mS#6gB5E-RP6P@KBfjv+~`;{(&KKZ(lEjAt8EWt$~c zuVqngiAa5PTf6JIYOr}yaQvQIj7ge{mZ=v$vr?)%m@hlEK*5XMJwq76@XU9Y+k zU0TChrRiShu)S{cRqqpCn0E*OeZ_7T literal 0 HcmV?d00001 diff --git a/modules/nixos/wifi.nix b/modules/nixos/wifi.nix index eb8a0fd..c9c2155 100644 --- a/modules/nixos/wifi.nix +++ b/modules/nixos/wifi.nix @@ -3,13 +3,78 @@ pkgs, ... }: { - sops.secrets."wireless.env" = { + sops.secrets."home/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + sops.secrets."home/psk" = { sopsFile = ../../secrets/wifi.yaml; }; sops.age.keyFile = /home/max/.config/sops/age/keys.txt; networking.networkmanager = { enable = true; - wifi.backend = "wpa_supplicant"; + ensureProfiles.profiles = { + home = { + connection = { + id = "Please Hack"; + type = "wifi"; + }; + wifi = { + mode = "infrastructure"; + ssid = "Please Hack"; + }; + wifi-security = { + key-mgmt = "wpa-psk"; + }; + }; + eduroam = { + connection = { + id = "eduroam"; + type = "wifi"; + }; + wifi = { + mode = "infrastructure"; + ssid = "eduroam"; + }; + wifi-security = { + key-mgmt = "wpa-eap"; + }; + "802-1x" = { + anonymous-identity = "anonymous@uni-hannover.de"; + ca-cert = "${./T-TeleSec_GlobalRoot_Class_2.crt}"; + domain-suffix-match = "radius-dfn.luis.uni-hannover.de"; + eap = "ttls;"; + phase2-auth = "mschapv2"; + }; + }; + luhbotsNet5 = { + connection = { + id = "luhbotsNet5"; + type = "wifi"; + autoconnect-priority = "10"; + }; + wifi = { + mode = "infrastructure"; + ssid = "luhbotsNet5"; + }; + wifi-security = { + key-mgmt = "wpa-psk"; + }; + }; + luhbotsNet = { + connection = { + id = "luhbotsNet"; + type = "wifi"; + autoconnect-priority = "5"; + }; + wifi = { + mode = "infrastructure"; + ssid = "luhbotsNet"; + }; + wifi-security = { + key-mgmt = "wpa-psk"; + }; + }; + }; }; environment.systemPackages = with pkgs; [ diff --git a/secrets/wifi.yaml b/secrets/wifi.yaml index 77e1273..3eb1421 100644 --- a/secrets/wifi.yaml +++ b/secrets/wifi.yaml @@ -1,4 +1,16 @@ -wireless.env: ENC[AES256_GCM,data:JSJjKuLsEz7niHs1tOJP0a11Hn2rWw8b671v6Fmq/8Gx+z4Pbz4ndwnsuJOK1fWN0LILCUmKr0pKOIoF+iDWPHJLN0j7iRGQui1AMC10a6uOhCqe0ILPdcGLqIbbo3jEn3/64L4qCVkC7nfHWoOH5v9ccTpPSi90tfLFc/SCqUpeoF0o26v+edxqyEkN+eI01S4vBy7TWijL30BYOiCAI3Q8PDQ7YKwHQukRyApLI2F1DYl0YW/BXOwqvuAvcejXYsM2/Abl0zLnRClTj7War0PS7svVGIzE,iv:ZTI9d/usa4oEWWJ3n3VBmeX3uMuJbuHBxL7ds/dkxZM=,tag:h0c0jvddS0RA2NkQBl3/AQ==,type:str] +home: + ssid: ENC[AES256_GCM,data:i76d33GIysjSY2k=,iv:34g02nNL5xYXx0PpN49u4xVHzfraTMtAqC4w4oxLBao=,tag:Y3g8kzhPF5LJuaxFq7jd3w==,type:str] + psk: ENC[AES256_GCM,data:bb25mbWgCBvwEvKr4sRRXg==,iv:+oNkqdk0bEP1l1e+HpSveRrxJI8OfQtBVcQ5476kMLU=,tag:vdWSVd5pIRGab+lzP4oFHg==,type:str] +parents: + ssid: ENC[AES256_GCM,data:NZEKQ2N1sC0=,iv:vvsnsH3lYbtXwSnQuInhceiE19Z+ZNszB20TL9BF40g=,tag:5YOljSW9Hht+MCNKhss/Sw==,type:str] + psk: ENC[AES256_GCM,data:gjpdj21uLDiY,iv:k1RH2ybRkJccEqjkdv1Tz+qLS2EdGWdn+jRkUcTDLtY=,tag:IuwgoHt//GvyWVvDI2C/2g==,type:str] +luhbots: + ssid5: ENC[AES256_GCM,data:Bo0aJge7ZkrUhhA=,iv:1EmjRy1xK73xwhE+orUi2HLM9fM2zKxpxDHQnQgEdP0=,tag:P6PSTd34VByQEAhVGbXdNg==,type:str] + ssid: ENC[AES256_GCM,data:MH0T/q45UCZL7w==,iv:SFwjqsojxvsu4k83mi69CypaAdzVhFXbebi9/wTsgaY=,tag:JxY5ftwiZp6jGM4ZxvpO/g==,type:str] + psk: ENC[AES256_GCM,data:Fg8aRzPc6F0=,iv:5Se6YLTRRAP0Gc4WKPQ4vQHlZcG5mqLLqVLzeEaW/sI=,tag:1Ppw5ZyDSCb0atF8/tnSxg==,type:str] +eduroam: + ident: ENC[AES256_GCM,data:PXY5jOJ36+ko+a0PmtxViPHv5GvBwfBD32A=,iv:i6uFlawX0nQ7T25MF2OgwgeW43jaB2Y8pNYx9NMAVTc=,tag:veYmEFGz30AbYuHuQdA01w==,type:str] + psk: ENC[AES256_GCM,data:AcC96tlKw9mKKdR3nW+5FA==,iv:c6Oly2tmIpLjzTZ1iMl6e9bxAz9r7l5zKpwf3UVBpJg=,tag:yZnNpf2d40eZ6L9OgOzYHQ==,type:str] sops: kms: [] gcp_kms: [] @@ -14,8 +26,8 @@ sops: d0FZc0x5UVhPQ09xUE5Qa1A0QkExVmcKkcy1i+nME0uHlLy8vCu8vgqSuR+0NqaD D+zKRKNdfJn1TLsoyDb4iDSeqp8nB9fZzQqIJshGRhlnqxuzIiYqqA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-03-08T22:34:29Z" - mac: ENC[AES256_GCM,data:MPUKmmbm8aB0BV3yWTeEIAfDudRGo4GSW6LVNBMCVUp/GXNYw45C/w09/u2d6o1oBSIBOZP03mR18sSNpaz7t98iw+F5bArMqefP+nULdhz3D58Zqm8lcaSMVjqCOc8q1O2o/bbhiE3qXZoC2It85Xym1BiVO5fdbwFZVRPa3aY=,iv:Z7Cg8qQg1e3gMHITgU4TfQbBIEx8/9lyhiQVNuQ+/yA=,tag:n/1uaNgHmw7MheLz/+41nA==,type:str] + lastmodified: "2024-03-15T13:39:03Z" + mac: ENC[AES256_GCM,data:fY0F6U2Vro76AunBcwA4RtCdH6ovtjWFmI5aaqePcLgWuyPFAcDESAtLFNL/83KARRIwHeO2a+Q2gkVHkI3TROyCoPx/LGpIFGWpm5OpSImtT5LPrvFsG0I8cSiXZ7sIIjGaBMNfRNN1YqnYGCwqA2zXyE3mbtpJoVqd0/hVpx8=,iv:T7SrzmPrb3zVT+xkGPaiGj7uL8y3arlfyEbnXmqZYkY=,tag:k228lcSejQGFQAvd7/6Bkg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1