From d712b4d00dd606ba229babfc8cd6793835bcd9eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Max=20K=C3=A4nner?= Date: Mon, 20 May 2024 19:58:09 +0200 Subject: [PATCH] 325 current 1970-01-01 01:00:00 23.11.20240518.e7cc617 6.6.30-rt30 * --- hosts/MaxNixosLaptop/configuration.nix | 7 +- modules/nixos/default.nix | 5 - modules/nixos/sops.nix | 72 ++++---- modules/nixos/wifi.nix | 239 +++++++++++++++---------- 4 files changed, 187 insertions(+), 136 deletions(-) diff --git a/hosts/MaxNixosLaptop/configuration.nix b/hosts/MaxNixosLaptop/configuration.nix index 2b7faa2..44612ae 100644 --- a/hosts/MaxNixosLaptop/configuration.nix +++ b/hosts/MaxNixosLaptop/configuration.nix @@ -14,6 +14,11 @@ inputs.home-manager.nixosModules.default ]; + music.enable = true; + greetd.enable = true; + wifi.enable = true; + wifi.tray = true; + hardware.opengl = { enable = true; extraPackages = with pkgs; [ @@ -26,8 +31,6 @@ ]; }; - hardware.spacenavd.enable = true; - # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index bedab3c..b88a1ff 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,8 +1,3 @@ {...}: { imports = [./greetd.nix ./rebuild.nix ./sops.nix ./sway.nix ./wifi.nix ./music.nix]; - - config = { - music.enable = true; - greetd.enable = true; - }; } diff --git a/modules/nixos/sops.nix b/modules/nixos/sops.nix index 90b9e80..ee60200 100644 --- a/modules/nixos/sops.nix +++ b/modules/nixos/sops.nix @@ -1,33 +1,45 @@ -{sops, ...}: { - sops = { - age.keyFile = /home/max/.config/sops/age/keys.txt; - secrets = { - "home/ssid" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "home/psk" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "parents/ssid" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "parents/psk" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "eduroam/ident" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "eduroam/psk" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "luhbots/ssid" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "luhbots/ssid5" = { - sopsFile = ../../secrets/wifi.yaml; - }; - "luhbots/psk" = { - sopsFile = ../../secrets/wifi.yaml; +{ + lib, + config, + ... +}: let + cfg = config.secrets; +in { + options = { + secrets.enable = lib.mkEnableOption "sops, an secrets manager"; + }; + + config = lib.mkIf cfg.enable { + sops = { + age.keyFile = /home/max/.config/sops/age/keys.txt; + secrets = { + "home/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "home/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "parents/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "parents/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "eduroam/ident" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "eduroam/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "luhbots/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "luhbots/ssid5" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "luhbots/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; }; }; }; diff --git a/modules/nixos/wifi.nix b/modules/nixos/wifi.nix index 7995e60..8b304fc 100644 --- a/modules/nixos/wifi.nix +++ b/modules/nixos/wifi.nix @@ -1,106 +1,147 @@ { + lib, config, pkgs, ... -}: { - sops.templates = let - placeholder = config.sops.placeholder; - in { - "home.nmconnection".content = '' - [connection] - id=${placeholder."home/ssid"} - type=wifi - autoconnect-priority=10 - - [wifi] - mode=infrastructure - ssid=${placeholder."home/ssid"} - - [wifi-security] - key-mgmt=wpa-psk - psk=${placeholder."home/psk"} - ''; - "parents.nmconnection".content = '' - [connection] - id=${placeholder."parents/ssid"} - type=wifi - autoconnect-priority=10 - - [wifi] - mode=infrastructure - ssid=${placeholder."parents/ssid"} - - [wifi-security] - key-mgmt=wpa-psk - psk=${placeholder."parents/psk"} - ''; - "eduroam.nmconnection".content = '' - [connection] - id=eduroam - type=wifi - autoconnect-priority=0 - - [wifi] - mode=infrastructure - ssid=eduroam - - [wifi-security] - auth-alg=open - key-mgmt=wpa-eap - - [802-1x] - anonymous-identity=anonymous@uni-hannover.de - ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt} - domain-suffix-match=radius-dfn.luis.uni-hannover.de - eap=ttls; - identity=${placeholder."eduroam/ident"} - password=${placeholder."eduroam/psk"} - phase2-auth=mschapv2 - ''; - "luhbots.nmconnection".content = '' - [connection] - id=${placeholder."luhbots/ssid"} - type=wifi - autoconnect-priority=5 - - [wifi] - mode=infrastructure - ssid=${placeholder."luhbots/ssid"} - autoconnect-priority=0 - - [wifi-security] - key-mgmt=wpa-psk - psk=${placeholder."luhbots/psk"} - ''; - "luhbots5.nmconnection".content = '' - [connection] - id=${placeholder."luhbots/ssid5"} - type=wifi - autoconnect-priority=10 - - [wifi] - mode=infrastructure - ssid=${placeholder."luhbots/ssid5"} - autoconnect-priority=0 - - [wifi-security] - key-mgmt=wpa-psk - psk=${placeholder."luhbots/psk"} - ''; +}: let + cfg = config.wifi; +in { + options = { + wifi.enable = lib.mkEnableOption "wifi"; + wifi.tray = lib.mkEnableOption "nm tray entry"; }; - environment.etc = let - template = config.sops.templates; - base = "NetworkManager/system-connections"; - in { - "${base}/home.nmconnection".source = template."home.nmconnection".path; - "${base}/parents.nmconnection".source = template."parents.nmconnection".path; - "${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path; - "${base}/luhbots.nmconnection".source = template."luhbots.nmconnection".path; - "${base}/luhbots5.nmconnection".source = template."luhbots5.nmconnection".path; - }; - networking.networkmanager.enable = true; - environment.systemPackages = with pkgs; [ - nm-tray - ]; + config = lib.mkIf cfg.enable { + environment.etc = let + template = config.sops.templates; + base = "NetworkManager/system-connections"; + in { + "${base}/home.nmconnection".source = template."home.nmconnection".path; + "${base}/parents.nmconnection".source = template."parents.nmconnection".path; + "${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path; + "${base}/luhbots.nmconnection".source = template."luhbots.nmconnection".path; + "${base}/luhbots5.nmconnection".source = template."luhbots5.nmconnection".path; + }; + networking.networkmanager.enable = true; + + environment.systemPackages = lib.optional cfg.tray pkgs.nm-tray; + + secrets.enable = true; + sops = { + secrets = { + "home/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "home/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "parents/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "parents/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "eduroam/ident" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "eduroam/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "luhbots/ssid" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "luhbots/ssid5" = { + sopsFile = ../../secrets/wifi.yaml; + }; + "luhbots/psk" = { + sopsFile = ../../secrets/wifi.yaml; + }; + }; + templates = let + placeholder = config.sops.placeholder; + in { + "home.nmconnection".content = '' + [connection] + id=${placeholder."home/ssid"} + type=wifi + autoconnect-priority=10 + + [wifi] + mode=infrastructure + ssid=${placeholder."home/ssid"} + + [wifi-security] + key-mgmt=wpa-psk + psk=${placeholder."home/psk"} + ''; + "parents.nmconnection".content = '' + [connection] + id=${placeholder."parents/ssid"} + type=wifi + autoconnect-priority=10 + + [wifi] + mode=infrastructure + ssid=${placeholder."parents/ssid"} + + [wifi-security] + key-mgmt=wpa-psk + psk=${placeholder."parents/psk"} + ''; + "eduroam.nmconnection".content = '' + [connection] + id=eduroam + type=wifi + autoconnect-priority=0 + + [wifi] + mode=infrastructure + ssid=eduroam + + [wifi-security] + auth-alg=open + key-mgmt=wpa-eap + + [802-1x] + anonymous-identity=anonymous@uni-hannover.de + ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt} + domain-suffix-match=radius-dfn.luis.uni-hannover.de + eap=ttls; + identity=${placeholder."eduroam/ident"} + password=${placeholder."eduroam/psk"} + phase2-auth=mschapv2 + ''; + "luhbots.nmconnection".content = '' + [connection] + id=${placeholder."luhbots/ssid"} + type=wifi + autoconnect-priority=5 + + [wifi] + mode=infrastructure + ssid=${placeholder."luhbots/ssid"} + autoconnect-priority=0 + + [wifi-security] + key-mgmt=wpa-psk + psk=${placeholder."luhbots/psk"} + ''; + "luhbots5.nmconnection".content = '' + [connection] + id=${placeholder."luhbots/ssid5"} + type=wifi + autoconnect-priority=10 + + [wifi] + mode=infrastructure + ssid=${placeholder."luhbots/ssid5"} + autoconnect-priority=0 + + [wifi-security] + key-mgmt=wpa-psk + psk=${placeholder."luhbots/psk"} + ''; + }; + }; + }; }