max/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

325 current 1970-01-01 01:00:00 23.11.20240518.e7cc617 6.6.30-rt30 *

Browse Source
This commit is contained in:
Max Känner 2024-05-20 19:58:09 +02:00
parent 01275a4785
commit d712b4d00d
4 changed files with 187 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/MaxNixosLaptop/configuration.nix
View File

@ -14,6 +14,11 @@
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
]; ];
music.enable = true;
greetd.enable = true;
wifi.enable = true;
wifi.tray = true;
hardware.opengl = { hardware.opengl = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
@ -26,8 +31,6 @@
]; ];
}; };
hardware.spacenavd.enable = true;
# Bootloader. # Bootloader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;

5
modules/nixos/default.nix
View File

@ -1,8 +1,3 @@
{...}: { {...}: {
imports = [./greetd.nix ./rebuild.nix ./sops.nix ./sway.nix ./wifi.nix ./music.nix]; imports = [./greetd.nix ./rebuild.nix ./sops.nix ./sway.nix ./wifi.nix ./music.nix];
config = {
music.enable = true;
greetd.enable = true;
};
} }

72
modules/nixos/sops.nix
View File

@ -1,33 +1,45 @@
{sops, ...}: { {
sops = { lib,
age.keyFile = /home/max/.config/sops/age/keys.txt; config,
secrets = { ...
"home/ssid" = { }: let
sopsFile = ../../secrets/wifi.yaml; cfg = config.secrets;
}; in {
"home/psk" = { options = {
sopsFile = ../../secrets/wifi.yaml; secrets.enable = lib.mkEnableOption "sops, an secrets manager";
}; };
"parents/ssid" = {
sopsFile = ../../secrets/wifi.yaml; config = lib.mkIf cfg.enable {
}; sops = {
"parents/psk" = { age.keyFile = /home/max/.config/sops/age/keys.txt;
sopsFile = ../../secrets/wifi.yaml; secrets = {
}; "home/ssid" = {
"eduroam/ident" = { sopsFile = ../../secrets/wifi.yaml;
sopsFile = ../../secrets/wifi.yaml; };
}; "home/psk" = {
"eduroam/psk" = { sopsFile = ../../secrets/wifi.yaml;
sopsFile = ../../secrets/wifi.yaml; };
}; "parents/ssid" = {
"luhbots/ssid" = { sopsFile = ../../secrets/wifi.yaml;
sopsFile = ../../secrets/wifi.yaml; };
}; "parents/psk" = {
"luhbots/ssid5" = { sopsFile = ../../secrets/wifi.yaml;
sopsFile = ../../secrets/wifi.yaml; };
}; "eduroam/ident" = {
"luhbots/psk" = { sopsFile = ../../secrets/wifi.yaml;
sopsFile = ../../secrets/wifi.yaml; };
"eduroam/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
"luhbots/ssid" = {
sopsFile = ../../secrets/wifi.yaml;
};
"luhbots/ssid5" = {
sopsFile = ../../secrets/wifi.yaml;
};
"luhbots/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
}; };
}; };
}; };

239
modules/nixos/wifi.nix
View File

@ -1,106 +1,147 @@
{ {
lib,
config, config,
pkgs, pkgs,
... ...
}: { }: let
sops.templates = let cfg = config.wifi;
placeholder = config.sops.placeholder; in {
in { options = {
"home.nmconnection".content = '' wifi.enable = lib.mkEnableOption "wifi";
[connection] wifi.tray = lib.mkEnableOption "nm tray entry";
id=${placeholder."home/ssid"}
type=wifi
autoconnect-priority=10
[wifi]
mode=infrastructure
ssid=${placeholder."home/ssid"}
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."home/psk"}
'';
"parents.nmconnection".content = ''
[connection]
id=${placeholder."parents/ssid"}
type=wifi
autoconnect-priority=10
[wifi]
mode=infrastructure
ssid=${placeholder."parents/ssid"}
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."parents/psk"}
'';
"eduroam.nmconnection".content = ''
[connection]
id=eduroam
type=wifi
autoconnect-priority=0
[wifi]
mode=infrastructure
ssid=eduroam
[wifi-security]
auth-alg=open
key-mgmt=wpa-eap
[802-1x]
anonymous-identity=anonymous@uni-hannover.de
ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt}
domain-suffix-match=radius-dfn.luis.uni-hannover.de
eap=ttls;
identity=${placeholder."eduroam/ident"}
password=${placeholder."eduroam/psk"}
phase2-auth=mschapv2
'';
"luhbots.nmconnection".content = ''
[connection]
id=${placeholder."luhbots/ssid"}
type=wifi
autoconnect-priority=5
[wifi]
mode=infrastructure
ssid=${placeholder."luhbots/ssid"}
autoconnect-priority=0
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."luhbots/psk"}
'';
"luhbots5.nmconnection".content = ''
[connection]
id=${placeholder."luhbots/ssid5"}
type=wifi
autoconnect-priority=10
[wifi]
mode=infrastructure
ssid=${placeholder."luhbots/ssid5"}
autoconnect-priority=0
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."luhbots/psk"}
'';
}; };
environment.etc = let
template = config.sops.templates;
base = "NetworkManager/system-connections";
in {
"${base}/home.nmconnection".source = template."home.nmconnection".path;
"${base}/parents.nmconnection".source = template."parents.nmconnection".path;
"${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path;
"${base}/luhbots.nmconnection".source = template."luhbots.nmconnection".path;
"${base}/luhbots5.nmconnection".source = template."luhbots5.nmconnection".path;
};
networking.networkmanager.enable = true;
environment.systemPackages = with pkgs; [ config = lib.mkIf cfg.enable {
nm-tray environment.etc = let
]; template = config.sops.templates;
base = "NetworkManager/system-connections";
in {
"${base}/home.nmconnection".source = template."home.nmconnection".path;
"${base}/parents.nmconnection".source = template."parents.nmconnection".path;
"${base}/eduroam.nmconnection".source = template."eduroam.nmconnection".path;
"${base}/luhbots.nmconnection".source = template."luhbots.nmconnection".path;
"${base}/luhbots5.nmconnection".source = template."luhbots5.nmconnection".path;
};
networking.networkmanager.enable = true;
environment.systemPackages = lib.optional cfg.tray pkgs.nm-tray;
secrets.enable = true;
sops = {
secrets = {
"home/ssid" = {
sopsFile = ../../secrets/wifi.yaml;
};
"home/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
"parents/ssid" = {
sopsFile = ../../secrets/wifi.yaml;
};
"parents/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
"eduroam/ident" = {
sopsFile = ../../secrets/wifi.yaml;
};
"eduroam/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
"luhbots/ssid" = {
sopsFile = ../../secrets/wifi.yaml;
};
"luhbots/ssid5" = {
sopsFile = ../../secrets/wifi.yaml;
};
"luhbots/psk" = {
sopsFile = ../../secrets/wifi.yaml;
};
};
templates = let
placeholder = config.sops.placeholder;
in {
"home.nmconnection".content = ''
[connection]
id=${placeholder."home/ssid"}
type=wifi
autoconnect-priority=10
[wifi]
mode=infrastructure
ssid=${placeholder."home/ssid"}
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."home/psk"}
'';
"parents.nmconnection".content = ''
[connection]
id=${placeholder."parents/ssid"}
type=wifi
autoconnect-priority=10
[wifi]
mode=infrastructure
ssid=${placeholder."parents/ssid"}
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."parents/psk"}
'';
"eduroam.nmconnection".content = ''
[connection]
id=eduroam
type=wifi
autoconnect-priority=0
[wifi]
mode=infrastructure
ssid=eduroam
[wifi-security]
auth-alg=open
key-mgmt=wpa-eap
[802-1x]
anonymous-identity=anonymous@uni-hannover.de
ca-cert=${./T-TeleSec_GlobalRoot_Class_2.crt}
domain-suffix-match=radius-dfn.luis.uni-hannover.de
eap=ttls;
identity=${placeholder."eduroam/ident"}
password=${placeholder."eduroam/psk"}
phase2-auth=mschapv2
'';
"luhbots.nmconnection".content = ''
[connection]
id=${placeholder."luhbots/ssid"}
type=wifi
autoconnect-priority=5
[wifi]
mode=infrastructure
ssid=${placeholder."luhbots/ssid"}
autoconnect-priority=0
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."luhbots/psk"}
'';
"luhbots5.nmconnection".content = ''
[connection]
id=${placeholder."luhbots/ssid5"}
type=wifi
autoconnect-priority=10
[wifi]
mode=infrastructure
ssid=${placeholder."luhbots/ssid5"}
autoconnect-priority=0
[wifi-security]
key-mgmt=wpa-psk
psk=${placeholder."luhbots/psk"}
'';
};
};
};
} }