Refactor wlan module

2026-01-21 18:41:34 +01:00 · 2025-05-29 22:11:29 +02:00 · 2025-05-29 22:11:29 +02:00 · 091f6a0e91
commit 091f6a0e91
parent cd723b7fe8
2 changed files with 46 additions and 83 deletions
--- a/modules/system/wlan.nix
+++ b/modules/system/wlan.nix
@ -5,67 +5,41 @@
  ...
 }:
 let
-  pskSsids = [
-    "WLAN-233151"
-    "EW90N"
-    "Fairphone4"
-    "DSL_EXT"
+  networks = [
+    "EW90N.psk"
+    "Fairphone4.psk"
+    "WLAN-233151.psk"
+    "DSL_EXT.psk"
+    "eduroam.8021x"
  ];
 in
 {
  options.custom.wlan.enable = lib.mkEnableOption "";

  config = lib.mkIf config.custom.wlan.enable (
-    lib.mkMerge [
-      {
-        networking.wireless.iwd = {
-          enable = true;
-          settings = {
-            General.EnableNetworkConfiguration = true;
-            Settings.AutoConnect = true;
-            Network.NameResolvingService = "resolvconf";
-          };
-        };
-
-        environment.systemPackages = [ pkgs.iwgtk ];
-
-        sops = {
-          secrets = {
-            "wlan/eduroam/password" = { };
-            "wlan/eduroam/cert" = { };
+    lib.mkMerge (
+      lib.flatten [
+        {
+          networking.wireless.iwd = {
+            enable = true;
+            settings = {
+              General.EnableNetworkConfiguration = true;
+              Settings.AutoConnect = true;
+              Network.NameResolvingService = "resolvconf";
+            };
          };

-          templates."iwd/eduroam.8021x".content = ''
-            [Security]
-            EAP-Method=PEAP
-            EAP-Identity=anonymous@h-da.de
-            EAP-PEAP-CACert=${config.sops.secrets."wlan/eduroam/cert".path}
-            EAP-PEAP-Phase2-Method=MSCHAPV2
-            EAP-PEAP-Phase2-Identity=sebastian.stork@stud.h-da.de
-            EAP-PEAP-Phase2-Password=${config.sops.placeholder."wlan/eduroam/password"}
-          '';
-        };
-
-        systemd.tmpfiles.rules = [
-          "C /var/lib/iwd/eduroam.8021x - - - - ${config.sops.templates."iwd/eduroam.8021x".path}"
-        ];
-      }
-
-      (lib.mkMerge (
-        lib.forEach pskSsids (ssid: {
-          sops = {
-            secrets."wlan/${ssid}/key" = { };
-            templates."iwd/${ssid}.psk".content = ''
-              [Security]
-              Passphrase=${config.sops.placeholder."wlan/${ssid}/key"}
-            '';
-          };
+          environment.systemPackages = [ pkgs.iwgtk ];
+        }

+        (lib.forEach networks (name: {
+          sops.secrets."iwd/${name}" = { };
+          
          systemd.tmpfiles.rules = [
-            "C /var/lib/iwd/${ssid}.psk - - - - ${config.sops.templates."iwd/${ssid}.psk".path}"
+            "C /var/lib/iwd/${name} - - - - ${config.sops.secrets."iwd/${name}".path}"
          ];
-        })
-      ))
-    ]
+        }))
+      ]
+    )
  );
 }