325 current 1970-01-01 01:00:00 23.11.20240518.e7cc617 6.6.30-rt30 *

2024-05-20 19:58:09 +02:00 · 2024-05-20 19:58:09 +02:00 · d712b4d00d
commit d712b4d00d
parent 01275a4785
4 changed files with 187 additions and 136 deletions
--- a/hosts/MaxNixosLaptop/configuration.nix
+++ b/hosts/MaxNixosLaptop/configuration.nix
@ -14,6 +14,11 @@
    inputs.home-manager.nixosModules.default
  ];

+  music.enable = true;
+  greetd.enable = true;
+  wifi.enable = true;
+  wifi.tray = true;
+
  hardware.opengl = {
    enable = true;
    extraPackages = with pkgs; [
@ -26,8 +31,6 @@
    ];
  };

-  hardware.spacenavd.enable = true;
-
  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -1,8 +1,3 @@
 {...}: {
  imports = [./greetd.nix ./rebuild.nix ./sops.nix ./sway.nix ./wifi.nix ./music.nix];
-
-  config = {
-    music.enable = true;
-    greetd.enable = true;
-  };
 }
--- a/modules/nixos/sops.nix
+++ b/modules/nixos/sops.nix
@ -1,33 +1,45 @@
-{sops, ...}: {
-  sops = {
-    age.keyFile = /home/max/.config/sops/age/keys.txt;
-    secrets = {
-      "home/ssid" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "home/psk" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "parents/ssid" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "parents/psk" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "eduroam/ident" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "eduroam/psk" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "luhbots/ssid" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "luhbots/ssid5" = {
-        sopsFile = ../../secrets/wifi.yaml;
-      };
-      "luhbots/psk" = {
-        sopsFile = ../../secrets/wifi.yaml;
+{
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.secrets;
+in {
+  options = {
+    secrets.enable = lib.mkEnableOption "sops, an secrets manager";
+  };
+
+  config = lib.mkIf cfg.enable {
+    sops = {
+      age.keyFile = /home/max/.config/sops/age/keys.txt;
+      secrets = {
+        "home/ssid" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "home/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "parents/ssid" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "parents/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "eduroam/ident" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "eduroam/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "luhbots/ssid" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "luhbots/ssid5" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "luhbots/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
      };
    };
  };
--- a/modules/nixos/wifi.nix
+++ b/modules/nixos/wifi.nix
@ -1,106 +1,147 @@
 {
+  lib,
  config,
  pkgs,
  ...
-}: {
-  sops.templates = let
-    placeholder = config.sops.placeholder;
-  in {
-    "home.nmconnection".content = ''
-      [connection]
-      id=${placeholder."home/ssid"}
-      type=wifi
-      autoconnect-priority=10
-
-      [wifi]
-      mode=infrastructure
-      ssid=${placeholder."home/ssid"}
-
-      [wifi-security]
-      key-mgmt=wpa-psk
-      psk=${placeholder."home/psk"}
-    '';
-    "parents.nmconnection".content = ''
-      [connection]
-      id=${placeholder."parents/ssid"}
-      type=wifi
-      autoconnect-priority=10
-
-      [wifi]
-      mode=infrastructure
-      ssid=${placeholder."parents/ssid"}
-
-      [wifi-security]
-      key-mgmt=wpa-psk
-      psk=${placeholder."parents/psk"}
-    '';
-    "eduroam.nmconnection".content = ''
-      [connection]
-      id=eduroam
-      type=wifi
-      autoconnect-priority=0
-
-      [wifi]
-      mode=infrastructure
-      ssid=eduroam
-
-      [wifi-security]
-      auth-alg=open
-      key-mgmt=wpa-eap
-
-      [802-1x]
-      anonymous-identity=anonymous@uni-hannover.de
-      ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt}
-      domain-suffix-match=radius-dfn.luis.uni-hannover.de
-      eap=ttls;
-      identity=${placeholder."eduroam/ident"}
-      password=${placeholder."eduroam/psk"}
-      phase2-auth=mschapv2
-    '';
-    "luhbots.nmconnection".content = ''
-      [connection]
-      id=${placeholder."luhbots/ssid"}
-      type=wifi
-      autoconnect-priority=5
-
-      [wifi]
-      mode=infrastructure
-      ssid=${placeholder."luhbots/ssid"}
-      autoconnect-priority=0
-
-      [wifi-security]
-      key-mgmt=wpa-psk
-      psk=${placeholder."luhbots/psk"}
-    '';
-    "luhbots5.nmconnection".content = ''
-      [connection]
-      id=${placeholder."luhbots/ssid5"}
-      type=wifi
-      autoconnect-priority=10
-
-      [wifi]
-      mode=infrastructure
-      ssid=${placeholder."luhbots/ssid5"}
-      autoconnect-priority=0
-
-      [wifi-security]
-      key-mgmt=wpa-psk
-      psk=${placeholder."luhbots/psk"}
-    '';
+}: let
+  cfg = config.wifi;
+in {
+  options = {
+    wifi.enable = lib.mkEnableOption "wifi";
+    wifi.tray = lib.mkEnableOption "nm tray entry";
  };
-  environment.etc = let
-    template = config.sops.templates;
-    base = "NetworkManager/system-connections";
-  in {
-    "${base}/home.nmconnection".source = template."home.nmconnection".path;
-    "${base}/parents.nmconnection".source = template."parents.nmconnection".path;
-    "${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path;
-    "${base}/luhbots.nmconnection".source = template."luhbots.nmconnection".path;
-    "${base}/luhbots5.nmconnection".source = template."luhbots5.nmconnection".path;
-  };
-  networking.networkmanager.enable = true;

-  environment.systemPackages = with pkgs; [
-    nm-tray
-  ];
+  config = lib.mkIf cfg.enable {
+    environment.etc = let
+      template = config.sops.templates;
+      base = "NetworkManager/system-connections";
+    in {
+      "${base}/home.nmconnection".source = template."home.nmconnection".path;
+      "${base}/parents.nmconnection".source = template."parents.nmconnection".path;
+      "${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path;
+      "${base}/luhbots.nmconnection".source = template."luhbots.nmconnection".path;
+      "${base}/luhbots5.nmconnection".source = template."luhbots5.nmconnection".path;
+    };
+    networking.networkmanager.enable = true;
+
+    environment.systemPackages = lib.optional cfg.tray pkgs.nm-tray;
+
+    secrets.enable = true;
+    sops = {
+      secrets = {
+        "home/ssid" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "home/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "parents/ssid" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "parents/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "eduroam/ident" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "eduroam/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "luhbots/ssid" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "luhbots/ssid5" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+        "luhbots/psk" = {
+          sopsFile = ../../secrets/wifi.yaml;
+        };
+      };
+      templates = let
+        placeholder = config.sops.placeholder;
+      in {
+        "home.nmconnection".content = ''
+          [connection]
+          id=${placeholder."home/ssid"}
+          type=wifi
+          autoconnect-priority=10
+
+          [wifi]
+          mode=infrastructure
+          ssid=${placeholder."home/ssid"}
+
+          [wifi-security]
+          key-mgmt=wpa-psk
+          psk=${placeholder."home/psk"}
+        '';
+        "parents.nmconnection".content = ''
+          [connection]
+          id=${placeholder."parents/ssid"}
+          type=wifi
+          autoconnect-priority=10
+
+          [wifi]
+          mode=infrastructure
+          ssid=${placeholder."parents/ssid"}
+
+          [wifi-security]
+          key-mgmt=wpa-psk
+          psk=${placeholder."parents/psk"}
+        '';
+        "eduroam.nmconnection".content = ''
+          [connection]
+          id=eduroam
+          type=wifi
+          autoconnect-priority=0
+
+          [wifi]
+          mode=infrastructure
+          ssid=eduroam
+
+          [wifi-security]
+          auth-alg=open
+          key-mgmt=wpa-eap
+
+          [802-1x]
+          anonymous-identity=anonymous@uni-hannover.de
+          ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt}
+          domain-suffix-match=radius-dfn.luis.uni-hannover.de
+          eap=ttls;
+          identity=${placeholder."eduroam/ident"}
+          password=${placeholder."eduroam/psk"}
+          phase2-auth=mschapv2
+        '';
+        "luhbots.nmconnection".content = ''
+          [connection]
+          id=${placeholder."luhbots/ssid"}
+          type=wifi
+          autoconnect-priority=5
+
+          [wifi]
+          mode=infrastructure
+          ssid=${placeholder."luhbots/ssid"}
+          autoconnect-priority=0
+
+          [wifi-security]
+          key-mgmt=wpa-psk
+          psk=${placeholder."luhbots/psk"}
+        '';
+        "luhbots5.nmconnection".content = ''
+          [connection]
+          id=${placeholder."luhbots/ssid5"}
+          type=wifi
+          autoconnect-priority=10
+
+          [wifi]
+          mode=infrastructure
+          ssid=${placeholder."luhbots/ssid5"}
+          autoconnect-priority=0
+
+          [wifi-security]
+          key-mgmt=wpa-psk
+          psk=${placeholder."luhbots/psk"}
+        '';
+      };
+    };
+  };
 }