patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

chore: update

Browse source 
feat: added iwd modules
This commit is contained in:
Patrick Großmann 2023-12-27 00:44:45 +01:00
parent 88e2378ec4
commit 60d2b30fe5
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
10 changed files with 257 additions and 75 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

140
flake.lock
View file

@ -8,14 +8,15 @@
], ],
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ],
"systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1703260116, "lastModified": 1703433843,
"narHash": "sha256-ipqShkBmHKC9ft1ZAsA6aeKps32k7+XZSPwfxeHLsAU=", "narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "d0d4ad5be611da43da04321f49684ad72d705c7e", "rev": "417caa847f9383e111d1397039c9d4337d024bf0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -242,11 +243,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1673295039, "lastModified": 1700795494,
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943", "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -262,7 +263,7 @@
"agenix-rekey", "agenix-rekey",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1695195896, "lastModified": 1695195896,
@ -307,7 +308,7 @@
"nixos-extra-modules", "nixos-extra-modules",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_3" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1701787589, "lastModified": 1701787589,
@ -330,11 +331,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703162528, "lastModified": 1703532766,
"narHash": "sha256-pQ41wN6JlStkZOhRTIHEpuwVywLdh+xzZQW1+FzdjVs=", "narHash": "sha256-ojjW3cuNmqL5uqDWohwLoO8dYpheM5+AfgsNmGIMwG8=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "a050895e4eb06e0738680021a701ea05dc8dbfc9", "rev": "1b191113874dee97796749bb21eac3d84735c70a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -519,7 +520,7 @@
}, },
"flake-utils_2": { "flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1681202837, "lastModified": 1681202837,
@ -537,7 +538,7 @@
}, },
"flake-utils_3": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_4" "systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1701680307, "lastModified": 1701680307,
@ -555,7 +556,7 @@
}, },
"flake-utils_4": { "flake-utils_4": {
"inputs": { "inputs": {
"systems": "systems_5" "systems": "systems_6"
}, },
"locked": { "locked": {
"lastModified": 1701680307, "lastModified": 1701680307,
@ -573,7 +574,7 @@
}, },
"flake-utils_5": { "flake-utils_5": {
"inputs": { "inputs": {
"systems": "systems_6" "systems": "systems_7"
}, },
"locked": { "locked": {
"lastModified": 1685518550, "lastModified": 1685518550,
@ -591,7 +592,7 @@
}, },
"flake-utils_6": { "flake-utils_6": {
"inputs": { "inputs": {
"systems": "systems_7" "systems": "systems_8"
}, },
"locked": { "locked": {
"lastModified": 1701680307, "lastModified": 1701680307,
@ -609,7 +610,7 @@
}, },
"flake-utils_7": { "flake-utils_7": {
"inputs": { "inputs": {
"systems": "systems_8" "systems": "systems_9"
}, },
"locked": { "locked": {
"lastModified": 1685518550, "lastModified": 1685518550,
@ -627,7 +628,7 @@
}, },
"flake-utils_8": { "flake-utils_8": {
"inputs": { "inputs": {
"systems": "systems_9" "systems": "systems_10"
}, },
"locked": { "locked": {
"lastModified": 1685518550, "lastModified": 1685518550,
@ -791,11 +792,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703178811, "lastModified": 1703527373,
"narHash": "sha256-Orbqa8DvszYZ38XGWAs43hVs++czt2N6/Y0sFRLhJms=", "narHash": "sha256-AjypRssRtS6F3xkf7rE3/bXkIF2WJOZLbTIspjcE1zM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "fb5ac0c870a1b3ffea70e02ab1720d991ce812ae", "rev": "80679ea5074ab7190c4cce478c600057cfb5edae",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -827,11 +828,11 @@
}, },
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1702984171, "lastModified": 1703562375,
"narHash": "sha256-reIUBrUXibohXmvXRsgpvtlCE0QQSvWSA+qQCKohgR0=", "narHash": "sha256-T46GgRVnSUo0DrCVAHreLNMgeCYmFvo469qj1Z6dYDQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "impermanence", "repo": "impermanence",
"rev": "123e94200f63952639492796b8878e588a4a2851", "rev": "8d16ac97980b3641078dd7c11337bfaa77b45789",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -873,11 +874,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1702814943, "lastModified": 1703419730,
"narHash": "sha256-tNKSDbtoEDfCTs30dyW0Fcj4KJpjzTRASL6f2BbuSKE=", "narHash": "sha256-ZRqj/irxTzRoGne2eWmuNaSO1/rz22S1EGj+MJXINeo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lib-aggregate", "repo": "lib-aggregate",
"rev": "ac8b1c4cfb2f9111e709aaf503511df354e86733", "rev": "7deb8249793fd2e9244c4e652c18d95351eb1111",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -894,11 +895,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1702815315, "lastModified": 1703466376,
"narHash": "sha256-LEpv7kvB7KPj/6BoNYWMcVjRezTJe6FNmg5kCKZQxMk=", "narHash": "sha256-Wy8iF8u5KSzrTxg1hStTBmUjzzKdKyCyMOg8b/eTvVQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-eval-jobs", "repo": "nix-eval-jobs",
"rev": "3c6e1234af3aa26fc60d0969619cf6806ec51639", "rev": "64104a3c55593c903af78af86a4c9d2e5487a2d7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -936,11 +937,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702864432, "lastModified": 1703387252,
"narHash": "sha256-xR5Igg2hnm979W3YgMDrSjErHFhHo4rbMboF6DC0mbc=", "narHash": "sha256-XKJqGj0BaEn/zyctEnkgVIh6Ba1rgTRc+UBi9EU8Y54=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "4605ccd764fac78b9e4b5b058698cb9f04430b91", "rev": "f4340c1a42c38d79293ba69bfd839fbd6268a538",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1010,11 +1011,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1702453208, "lastModified": 1703545041,
"narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=", "narHash": "sha256-nvQA+k1rSszrf4kA4eK2i/SGbzoXyoKHzzyzq/Jca1w=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6", "rev": "a15b6e525f5737a47b4ce28445c836996fb2ea8c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1025,11 +1026,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1703013332, "lastModified": 1703255338,
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "narHash": "sha256-Z6wfYJQKmDN9xciTwU3cOiOk+NElxdZwy/FiHctCzjU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "rev": "6df37dc6a77654682fe9f071c62b4242b5342e04",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1041,11 +1042,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1702774034, "lastModified": 1703378839,
"narHash": "sha256-M0IsUA89EKHL8IDx9bf+e2W2l1kMRpaZ4h08navMXig=", "narHash": "sha256-wJDrJji9XNMgAsO+Ah34BaraG8bAw9GF7poJQPE0TqU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "9b4f1493009b8d2f55a525a01de10addc9a0a752", "rev": "9b3a550ca7d42f5ceb3acc13f95dae1a69e6de56",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1144,11 +1145,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703261986, "lastModified": 1703502790,
"narHash": "sha256-+OPGb6fOF1wpiCNnpnDHvLkwnhbcAx6785FyNdYupkI=", "narHash": "sha256-BMwU2OD7PB0ikWABs58c6kRkzxznIF/G8tacr9pENmE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs-wayland", "repo": "nixpkgs-wayland",
"rev": "e977dcdee6b4c944b6309cd7973fd27f73efa842", "rev": "95c67444c1886ed3cddd54da947237682c211c39",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1159,11 +1160,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1702539185, "lastModified": 1703134684,
"narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", "narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", "rev": "d6863cbcbbb80e71cecfc03356db1cda38919523",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1249,11 +1250,11 @@
"pre-commit-hooks": "pre-commit-hooks_3" "pre-commit-hooks": "pre-commit-hooks_3"
}, },
"locked": { "locked": {
"lastModified": 1703260550, "lastModified": 1703435563,
"narHash": "sha256-wPe+0oCgzvf9Ixscme+NUS4iRX0n/alJvt3msnu9vPA=", "narHash": "sha256-BDnoVc9Kvc9wo9lt8GC0kkqwLedP7lnBBdh1UHl4cPw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "e0521dde87825e4ed16e1ac5b6df9f1b7e60af05", "rev": "c11158c73e9a488d803356127a54af8101fc0051",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1387,11 +1388,11 @@
"nixpkgs-stable": "nixpkgs-stable_5" "nixpkgs-stable": "nixpkgs-stable_5"
}, },
"locked": { "locked": {
"lastModified": 1702456155, "lastModified": 1703426812,
"narHash": "sha256-I2XhXGAecdGlqi6hPWYT83AQtMgL+aa3ulA85RAEgOk=", "narHash": "sha256-aODSOH8Og8ne4JylPJn+hZ6lyv6K7vE5jFo4KAGIebM=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "007a45d064c1c32d04e1b8a0de5ef00984c419bc", "rev": "7f35ec30d16b38fe0eed8005933f418d1a4693ee",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1421,7 +1422,7 @@
"pre-commit-hooks": "pre-commit-hooks_4", "pre-commit-hooks": "pre-commit-hooks_4",
"spicetify-nix": "spicetify-nix", "spicetify-nix": "spicetify-nix",
"stylix": "stylix", "stylix": "stylix",
"systems": "systems_10", "systems": "systems_11",
"templates": "templates", "templates": "templates",
"wired-notify": "wired-notify" "wired-notify": "wired-notify"
} }
@ -1485,11 +1486,11 @@
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_5"
}, },
"locked": { "locked": {
"lastModified": 1703004037, "lastModified": 1703528325,
"narHash": "sha256-ceYPl/ML0kQBCUaOw0gG2TxHHEl4k9xivFpsdlKidIQ=", "narHash": "sha256-ajoMmEPbLhp9xsReDDQFaY7xX+ayIqwfMlZNg8YxHnw=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "d14ac4912a9ab02f8b49b761e9e4b9ae836171af", "rev": "7ccd1293a48f01eace7d0ce8d82af51919105b76",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1528,6 +1529,21 @@
"type": "github" "type": "github"
} }
}, },
"systems_11": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": { "systems_2": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
@ -1672,11 +1688,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702461037, "lastModified": 1702979157,
"narHash": "sha256-ssyGxfGHRuuLHuMex+vV6RMOt7nAo07nwufg9L5GkLg=", "narHash": "sha256-RnFBbLbpqtn4AoJGXKevQMCGhra4h6G2MPcuTSZZQ+g=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "d06b70e5163a903f19009c3f97770014787a080f", "rev": "2961375283668d867e64129c22af532de8e77734",
"type": "github" "type": "github"
}, },
"original": { "original": {

40
hosts/patricknix/net.nix
View file

@ -1,7 +1,33 @@
{config, ...}: { {config, ...}: {
age.secrets.eduroam = {
rekeyFile = ./secrets/iwd/eduroam.8021x.age;
path = "/var/lib/iwd/eduroam.8021x";
};
age.secrets.simonWlan = {
rekeyFile = ./. + "/secrets/iwd/=467269747a21426f78373539302048616e7373656e.psk.age";
path = "/var/lib/=467269747a21426f78373539302048616e7373656e.psk";
};
age.secrets = {
devoloog-psk.rekeyFile = ./secrets/iwd/devoloog-psk.age;
devoloog-pass.rekeyFile = ./secrets/iwd/devoloog-pass.age;
devoloog-sae19.rekeyFile = ./secrets/iwd/devoloog-sae19.age;
devoloog-sae20.rekeyFile = ./secrets/iwd/devoloog-sae20.age;
};
networking = { networking = {
inherit (config.secrets.secrets.local.networking) hostId; inherit (config.secrets.secrets.local.networking) hostId;
wireless.iwd.enable = true; wireless.iwd = {
enable = true;
networks = {
devoloog.settings = {
Security = {
PreSharedKey = config.age.secrets.devoloog-psk.path;
Passphrase = config.age.secrets.devoloog-pass.path;
SAE-PT-Group19 = config.age.secrets.devoloog-sae19.path;
SAE-PT-Group20 = config.age.secrets.devoloog-sae20.path;
};
};
};
};
# Add the VPN based route to my paperless instance to # Add the VPN based route to my paperless instance to
# etc/hosts # etc/hosts
extraHosts = '' extraHosts = ''
@ -45,16 +71,4 @@
dhcpV6Config.RouteMetric = 40; dhcpV6Config.RouteMetric = 40;
}; };
}; };
age.secrets.eduroam = {
rekeyFile = ./secrets/iwd/eduroam.8021x.age;
path = "/var/lib/iwd/eduroam.8021x";
};
age.secrets.devoloog = {
rekeyFile = ./secrets/iwd/devolo-og.psk.age;
path = "/var/lib/iwd/devolo-og.psk";
};
age.secrets.simonWlan = {
rekeyFile = ./. + "/secrets/iwd/=467269747a21426f78373539302048616e7373656e.psk.age";
path = "/var/lib/=467269747a21426f78373539302048616e7373656e.psk";
};
} }

BIN
hosts/patricknix/secrets/iwd/devolo-og.psk.age
View file

Binary file not shown.

13
hosts/patricknix/secrets/iwd/devoloog-pass.age Normal file
View file

@ -0,0 +1,13 @@
age-encryption.org/v1
-> X25519 Yu9I8MMeSOj0o/GgDHavd/h+nFBLg+HgynBS4CwPu2E
c4ZFdXhiZteLlJ2p5bwqYqxert3Tu77G4k+7wVskkDY
-> piv-p256 XTQkUA ApCLcyq6V/ViY/CPEv/xNE94dr4rMacDYQaVbm3XiRh0
sy28bqGANVFogK167Ug6UxlhCtu7VduqJRNf2JJy+3s
-> piv-p256 ZFgiIw A7MTWlpv3dxm3RqSvEYHolVR0Q9JVP+dlkf3PqwjtniY
jduMm3dHT/OZuvMTQ9mprd7mWU9cyiTkM557gOE6fz4
-> piv-p256 ZFgiIw AyNVo9CHra3CEkgHvzv4AfoAWgVXcoU4KmTYoc9XCydE
by2yKqbQ4VQl074EXRJsntYDc+pTF3s/aZjTHUxcOc8
-> 3h.^Qx$-grease [u;j} P`
02iOKQ
--- SxO9fHMpuwq7OtQW9oHce6yHT2HYz1dFb51IdfAirsE
šÌvµœÆ^k,Z5í×L<06>µÝ<05>?&Ë»ÀÄ<C380>²m-va„äÙ#hšiÁ—Ô

BIN
hosts/patricknix/secrets/iwd/devoloog-psk.age Normal file
View file

Binary file not shown.

14
hosts/patricknix/secrets/iwd/devoloog-sae19.age Normal file
View file

@ -0,0 +1,14 @@
age-encryption.org/v1
-> X25519 wtUBa6q5pJMUovFqGuAc1DgpxNNRcgPthhZVk/bJACY
TMyIvn5VGVxkTZYlxC6THUx2Yt88O1RxA/PVLrLEYmg
-> piv-p256 XTQkUA A5OxSdYZQqYkmarOpN6+lMA5z0thAwm5i1meR4baWVCg
ElbvdOqrb/gBlT/GRu7S8W1oIc3gHjbg8qh4aYCafkk
-> piv-p256 ZFgiIw AiaHGpxO8gsff4IIivHv6DsVQttjo1xAXu5DPv7ySTmM
cwiyq2nldnuyjv8RCu0LdK6CozWJhKyT3KOYZdNOX2o
-> piv-p256 ZFgiIw A+jEsJv/aasqc0pS9/YQVD8r9r7zE7TN1RQ4x3O9MGRH
muRbzTO5YKPV3SNxWlJmaYM/zaJ4Vibrw2rll9nhzcQ
-> `8G"-grease ^~S m9}+NyN! 0gUY%;m-
+C2Dt3GcIaS/w1u7wT0i2ImeFHLFuPZ8MLB2MIEWF0sMQauWc2XFN+dXxeUPCYl1
ZSbY0u9KYqom9YsB5g
--- 661TNgwiETit9dGIYNyOJv/4FQzpMOZ5WFrkz79TvcI
«Täé_<EFBFBD>$A£XàöáóH•zkwx'[z/*yò Ô¤~T4à§Ä—üd7!v5\¿¯¦Až¬Îž0OèËSµi¤j+Ô£&É×äy¶Ò¨¯ÃGEÇ/üj12MÏC‘Ä?щ+ßP)Èâ<¸ BßÇMÍp:6ç…|·Þ<L<>{þਙƒ 3=)QéQ<>f½-G”µÂPÅrD5ÔeìÈš

14
hosts/patricknix/secrets/iwd/devoloog-sae20.age Normal file
View file

@ -0,0 +1,14 @@
age-encryption.org/v1
-> X25519 Ro0Os6I8MZwpIM1Od486oz5tlrCuXB8GGcIrPV8S1CQ
jVaINyZ0hZBoJn5iSpThaCH5SPLK5c2xL2pr4KXXrmM
-> piv-p256 XTQkUA AxMy20+EpCAgIyS6vp+qKDOju69nv3oua4swBnias6Jl
JRjc0UM3RdZ/VTj5lD5yIfGpVfiXKrIRAPJMghshHFk
-> piv-p256 ZFgiIw A35QGD5lRwczOKg2K/ZdgTRvyLdtNH57HKw6AoODkU8C
MBMOrxxWsL8xpUPskSCZkesB7htVexF1yGAUDDn0pK8
-> piv-p256 ZFgiIw ApYHmHpIDyTgem54u7WRU35tJNgGZjA8aFd0UtMpkmXE
K7XdZit5Gkz2/D6UzMFUpobfnZXh1JWbV+/D0tNNrGw
-> jY-grease JDpeU' .3$h
lxaZZDyTUPhkis3ib33jT5GSOZa+EaheyHb7
--- kL8WcOpKnQnZmww5ruBhlnHkryfirjgP7D3970gC3kQ
ì ô¨~Žƒúhªª¸Uþ- úˆ€ü–š »±Ýqáx-|{zG ¶É¶y¾¯å4À@Ý<‡¢¯<M¶,`q¯¾ ¢îÜml½¬R¯  “ª\"†ÒíEঌŒ¡GÉ <20>?Xø>
îƒyä<EFBFBD>¦ˆÛxZ «XÆÖJ^4Ý{PœhŨË"ÑCO¤Š½´7! Âoiï"øW¼<57>t<‰·I燮šMÒ>tITAno ®Bƒ·{‡k­çž$ÁhI ¤I¥¡cÓtX?¼ê² ýüj

BIN
hosts/patricknix/secrets/iwd/kaist.8021x.age
View file

Binary file not shown.

1
modules/config/default.nix
View file

@ -22,6 +22,7 @@
../meta.nix ../meta.nix
../smb-mounts.nix ../smb-mounts.nix
../deterministic-ids.nix ../deterministic-ids.nix
../optional/iwd.nix
./impermanence ./impermanence
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default

110
modules/optional/iwd.nix Normal file
View file

@ -0,0 +1,110 @@
{
lib,
pkgs,
config,
...
}: {
options.networking.wireless.iwd = let
inherit
(lib)
mkOption
literalExample
types
hasAttrByPath
;
in {
networks = mkOption {
default = {};
example = literalExample ''
{ "karlsruhe.freifunk.net" = {};
};
'';
description = ''
Declarative configuration of wifi networks for
<citerefentry><refentrytitle>iwd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
All networks will be stored in
<literal>/var/lib/iwd/&lt;name&gt;.&lt;type&gt;</literal>.
Since each network is stored in its own file, declarative networks can be used in an
environment with imperatively added networks via
<citerefentry><refentrytitle>iwctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
'';
type = types.attrsOf (types.submodule ({config, ...}: {
config.kind =
if (hasAttrByPath ["Security" "Passphrase"] config.settings)
then "psk"
else if !(hasAttrByPath ["Security"] config.settings)
then "open"
else "8021x";
options = {
kind = mkOption {
type = types.enum ["open" "psk" "8021x"];
description = "The type of network. This will determine the file ending. The module will try to determine this automatically so this should only be set when the heuristics fail.";
};
settings = mkOption {
type = with types; (attrsOf (attrsOf str));
description = ''
Contents of the iwd config file for this network
If a file named like this exists the content will be read from file, else the raw string will be used.
'';
default = {};
};
};
}));
};
};
config = let
inherit
(lib)
mkIf
flip
mapAttrsToList
concatStringsSep
hasPrefix
;
cfg = config.networking.wireless.iwd;
encoder = pkgs.writeScriptBin "encoder" ''
#! ${pkgs.runtimeShell} -e
# Extract file-ext from network names
ext="$(sed -re 's/.*\.(8021x|open|psk)$/\1/' <<< "$*")"
to_enc="$(sed -re "s/(.*)\.$ext/\1/g" <<< "$*")"
# Encode ssid (excluding file-extensio) as base64 if needed
[[ "$to_enc" =~ ^[[:alnum:]]+$ ]] && { echo "$to_enc.$ext"; exit 0; }
echo "=$(printf "$to_enc" | ${pkgs.unixtools.xxd}/bin/xxd -pu).$ext"
'';
in
mkIf cfg.enable {
systemd.services.iwd = mkIf (cfg.networks != {}) {
path = [encoder];
preStart = let
dataDir = "/var/lib/iwd";
in ''
# Create config files for declaratively defined networks in the NixOS config.
${concatStringsSep "\n" (flip mapAttrsToList cfg.networks (network: config: ''
filename=${dataDir}/"$(encoder '${network}.${config.kind}')"
touch "$filename"
cat >$filename <<EOF
${concatStringsSep "\n" (flip mapAttrsToList config.settings (toplevel: config: ''
[${toplevel}]
${concatStringsSep "\n" (flip mapAttrsToList config (name: value: ''
${name}=${
if hasPrefix "/" value
then "$(<${value})"
else value
}
''))}
''))}
EOF
''))}
'';
};
};
}