diff --git a/hosts/seb-laptop/secrets.yaml b/hosts/seb-laptop/secrets.yaml index f38fff2..e3737d6 100644 --- a/hosts/seb-laptop/secrets.yaml +++ b/hosts/seb-laptop/secrets.yaml @@ -1,5 +1,8 @@ seb-password: ENC[AES256_GCM,data:LlW1njlY0tVfYne/NFM2KJbAPb4eAQgy0mPMIZAIPH5mdr7cSCaPYhc+WF5ZlrlL//mh8WHhsHbEBuA6P7oabSeP6ZczCmTV6w==,iv:oWQj47oxjxR3DBHhFwUD/Emj5ziZHwcbXzD69ChRmHU=,tag:cuTloyd4HW6behF8fmWdxw==,type:str] -wlan.env: ENC[AES256_GCM,data:rHT226tpqdze1P875A9E8yiXe27RztJld9hY4Zzxo+6Ik1DrXA1x7LAr/Hfbp9hr6GPuvtBKBR+pAg+AcoB5qN21FZ6LP6lvsAbjOrGRfUlphl6oEa4xBpWdN8vVeNUEGbCxB0M+7XK65fHE5UDP4FdeJpC5XH1k2ZKqYA7o/CENBA1+uxoI8cAEMlGhu04hJkY9VBhC3zcOtszcUKAxJASDicLKJ18+,iv:u5Wud1pDuvYlTu0Ls50eDtkc7rpnWz3dPo68fxJq/Qk=,tag:GpONClKtiDGmM9O0BlcSdg==,type:str] +iwd: + WLAN-233151: ENC[AES256_GCM,data:qnP47hqkVVAWycWaradtJQ/AUu6Jqhh281az4lHp9Vo6bmRLWNga2vG0Sg==,iv:+pC6EVtgzxR//bMJCDyzmsBrT25pcGZ5sAEkUkohU5Y=,tag:tAokgFEzr2S5B4UreB5lPA==,type:str] + Fairphone4: ENC[AES256_GCM,data:BUSZHUxLNPCVc+h8VvcGo11ZHt04s7HVDOh0oaSOl/oB4dQ=,iv:YGbX6sF2FtjPwuGQGcQutWz7TD4Lg8DG0zi7ddXCkas=,tag:cNKu8xvrLOGy4Vq7WIBFTg==,type:str] + LGS: ENC[AES256_GCM,data:4z+PGrKLi99dMvapF2crWhebrxyRaxgHdP+y34YHSTa2Rkz5uaSWiACAhamkCxphdFtojosO6kKuKIU4QFRsEyPNsQobSXRmvmFHcI7x0GAer8rj+9kMsIDMKAjObmaTR6YuKrVu9r6QO9Jz/cyKgte4yT5BPvvfDkWwf8X5UzvXUrz1dwwU968Pb0oWPYpsQe12YQwwtLb6hppJhZQ6VLPH4Q/9sMLanQlydgzCFmNI8w==,iv:6erAKGCFovdrNAAyRw7z+/Gt+m9LOHVKuxVaYt8PkVo=,tag:KRJ+BZQKCJL0uno9qRPRXw==,type:str] vpn: lgs: crt: ENC[AES256_GCM,data:9Qlb3FocGtzE6YHaT3stDUqsdpW4mj8SnJ04LBiJLSxFxwRt8XTgdLcIhfBhrIRPkk3UEyX/JrELgvBa/3FdY07vOnXFN6wWGjolqmRRwf5hqtosJBzuvE5EQVQEntCbry0MJgXDVrnnQmibQyoAPaM2ac+oAQEKTH0tMN+jyB5lMhPrOyA2bneJpyr13ZpudJSHO8TvxiRdhNPCYJMlzLTRi+ojhg1xwq4jbR8FGkzYcnc7HAQxdGj4rtzvfF1LBtwfAlFIt08DaeFHYXE6iEBTRYmZlk6A3ezY3aKght57d6Sf/2UBBZ/eroeDFG4cSueZkVm8WaTchoCFdEO/ll1wljl7N0pzWaiwL0WGFPnFFewfMs3x/oh3o7b8aCpr3tclWLh8D5uqi0+1FJi3FF0ngZaPQaNnDUZznb3wIc35HfYHgd4sQ2wOeN0smHACMSnNodkeWi66KExWR9c2XPDnIJJFkehkJQoPSMypcJDV64+erZfroO7P0OfoVkqVfZKKDjV2msFyeSR4b2beJ1DAq54Q79IXXaz90XZGwqFJb5mj4bUZCbz3G6AnLVW/VdeIQrYsVcA1gqPVmsKnToTtJgb0ZNRW8F2Df75lXV1R/AoxpIotgsnQ2b2L0j/Pc907jK7efn4d3dVE8lIHBxV0PpWtH6ppNkkqAV5QIwiIlZwvjIGHrJ/uH+aZCmyw4AsR1VdgSa39vxZtTV5fSTFVTZZa7rQ5To8TUnUjjYT5kEX+u6Gu2yq0QiVQDsiau5OZqvi1Bjzkc3wlLRaFJSvNPkopQt1Yw62XOqVONhQDoXdcxRjNJgmvpzew4w7ccCGjhseEh48yRHdMq8KxTkkhuRucs/WqGOrxyGhTFVCpqneCOuEqEvSnwLZKv5M86TyoA6ZhfD6QIrYmwR4xlrtNMTCxdJOMpsGUYfDfMehL+y7NmyfTrJ/E5SENzttwV4RALNk25SJajXTroMcrL96c3M+d3qXM7s58hbcPfEiqKt6ZHTm0sUnOQa550oQ1xco/u2UKsy5GD/LLvGMuyq1cTzGz2C7PhDD5HvvdQ2I2nsKYSRRmwe5lV2/6qY6JLnlAI1fqJoN3uFUy5I719JQ8w0K1q+gq7FshZ4odEEynMsFZy2y4iSGL4MdKnLNk8dkBZhq0ZwJKPaH4iLDlzZyPQifg0NxKNTA5mU70GCTyr0NxmQqMLTYdrCg+Bz1R6vVcqOTIDz7PX+zvZzFLXa0b0WVcwiJy8acP3ACUZ+he+/m3qD28QyOQ3lsUMkJQHQuAywX+wz1HvqLcYEnKFkfiJpZW33qxrU7qjvrLzc9eKZkLqjdagA6t1TXx3gMT7ZuvfTzjn5KvTVG0KDd+XHVSpUojxB5ICAf+XYD41F4u++SAqnS/KYJOEI5sQL+eHzWxCXWDWlmttJXKBLH8DxRk+oUxR+GYWxobnEYfKg7wRm6fkAYxgU5A1JR8rdNcJtKL689Q57XdzjAhcK8a7fJAqG4fBBn3pPw4iEdGF970UD3tgfeUmtRUtaoeXmSpL2/lx1yibn6vOU4iRm5AcPZEAtJiZvGWFN2BGIHuM9TPB78sDSP8xwW3X1FBfbKnMtyxTfrYv4gQ/qBNbk+K7cUgzemB7jHiZfBG/VFrclkw0VSEOBWHPh8iXcdCqCr3zG9I6w7jEytXbZQaJ1+oJtjVD3Wdzqkuz0ZVqEghgyyx0QOcW+u25E+GTHou9XGWaHKp3UKArMvZPW5YLx6cmdqQv+S3LGCVkjrH+4XWwi+OfKlqwJKRI17wnXqcr/e2wSoqnC/PEgqfh22NK4pKPD4XgQiEhhI/nscvXPimcHf0kZ/1bfI5nRIHN+nvs8FEo0lLduoqaYEfG97MfIkIpjXjdhIA/ZVl3AIndTN4x3rPpp3ZI0Dath5tXUU+Kykd3OweWQ68pHW2gektgQaPzFuu8EXqCIyXYZt5byqXJMBbpzW1FqfLZ2QsY/ErXjRB6fzOwaryIr8mqN53MaqI84Ds3k1aqjt9zbHjUH7XevMBgnXd+UWyIpbB0Po8iGYjIeiLJ9DlVQ0y7TmJP3S6dtavRR7FrYwmxToBMEvZq3qXyB5WczfR4NeUZpXGAW91fRFn0RHJM6NdGlvWRRQJUtxRcxg7oIP+NJ1QVX/D9aL8UnzS8jfc2/MVOA==,iv:aqS/HpkOYCNmBHKWjJfGFyqhWJF9ZufL91ypK4fwkaQ=,tag:8WKxT6zHdkp3N5brtckoPA==,type:str] @@ -19,8 +22,8 @@ sops: N2dzR01qQnVxb3UvdUZLZ05jcDdjUGMKjx1BGh8c+OqXwUKeceUMUjuZgo04H0oy t3HZbqg62Bj+Ucun+lt9sOA1uHHSQsn91i8WTxdrOyiX7WpfiASE1w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-02T22:20:53Z" - mac: ENC[AES256_GCM,data:WRmSFRw2zxG6SoC8Q8hrTpXhFerBPXSVk10t6OIzPqMQTyzfRdR/c9SYfN57ogfKTxnKRXKTxJt4xg/SQn7t09EVMLSQfS+cXLvv1o/kaf3JVXl3EXjPR1PsL1MuWG+PPyLZ8vSIjLbUOYtgL+RPSOnd1uoFFZSZeIPCX0B+W2E=,iv:nJIp2hmcoIScVyw9QMDNbh7/CqOZgHDlHgj2KLhVHTI=,tag:b75HnLD+3aEoieaqJ/Dvlg==,type:str] + lastmodified: "2024-04-21T17:56:11Z" + mac: ENC[AES256_GCM,data:rTTt8W4biTuzf8lkT6txlggpBhHEfv2XuSs/Mu3DU/y9TygQhmqpwbBjghLpYeeC+V+YTOKwmnPBu4FP147wJAL8tWqI7nY0EFGD5CSAF13bnBG2KE+KZGiI+SWi+uGFzBFsBbXDEbcJyt45/MUt8PTWiL9nea1x5Tt9hx02mn8=,iv:QDN5D5tCUrxgjcjk55DOPT+EaMTTLtq3QPqA3Tnne5w=,tag:FUNM9vgCSMv+T6SlIpyFCQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/modules/system/wlan.nix b/modules/system/wlan.nix index ea5ba30..1c18fcf 100644 --- a/modules/system/wlan.nix +++ b/modules/system/wlan.nix @@ -1,96 +1,33 @@ { config, + pkgs, lib, ... }: { options.myConfig.wlan.enable = lib.mkEnableOption ""; config = lib.mkIf config.myConfig.wlan.enable { - sops.secrets."wlan.env" = {}; + sops.secrets = { + "iwd/WLAN-233151" = {}; + "iwd/Fairphone4" = {}; + "iwd/LGS" = {}; + }; - networking.networkmanager = { + networking.wireless.iwd = { enable = true; - ensureProfiles = { - environmentFiles = [config.sops.secrets."wlan.env".path]; - - profiles = { - home = { - connection = { - id = "home"; - uuid = "24b856a6-27eb-4c4f-b85c-f59ab0824965"; - type = "wifi"; - interface-name = "wlp2s0"; - }; - wifi = { - mode = "infrastructure"; - ssid = "$HOME_SSID"; - }; - wifi-security = { - auth-alg = "open"; - key-mgmt = "wpa-psk"; - psk = "$HOME_PSK"; - }; - ipv4.method = "auto"; - ipv6 = { - addr-gen-mode = "default"; - method = "auto"; - }; - }; - - mobile = { - connection = { - id = "mobile"; - uuid = "e3a749cf-a103-4e1e-a50c-4a4898bafcf6"; - type = "wifi"; - interface-name = "wlp2s0"; - }; - wifi = { - mode = "infrastructure"; - ssid = "$MOBILE_SSID"; - }; - wifi-security = { - auth-alg = "open"; - key-mgmt = "wpa-psk"; - psk = "$MOBILE_PSK"; - }; - ipv4.method = "auto"; - ipv6 = { - addr-gen-mode = "default"; - method = "auto"; - }; - }; - - school = { - connection = { - id = "school"; - uuid = "bfdf4e7f-d2c4-4ab6-b833-37ecd5199b22"; - type = "wifi"; - interface-name = "wlp2s0"; - }; - wifi = { - mode = "infrastructure"; - ssid = "$SCHOOL_SSID"; - }; - wifi-security = { - auth-alg = "open"; - key-mgmt = "wpa-eap"; - }; - "802-1x" = { - domain-suffix-match = "lgs-hu.eu"; - eap = "ttls;"; - identity = "$SCHOOL_ID"; - password = "$SCHOOL_PSK"; - phase2-auth = "pap"; - }; - ipv4.method = "auto"; - ipv6 = { - addr-gen-mode = "default"; - method = "auto"; - }; - }; - }; + settings = { + General.EnableNetworkConfiguration = true; + Settings.AutoConnect = true; }; }; + + systemd.tmpfiles.rules = [ + "C /var/lib/iwd/WLAN-233151.psk 0600 root root - ${config.sops.secrets."iwd/WLAN-233151".path}" + "C /var/lib/iwd/Fairphone4.psk 0600 root root - ${config.sops.secrets."iwd/Fairphone4".path}" + "C /var/lib/iwd/LGS.8021x 0600 root root - ${config.sops.secrets."iwd/LGS".path}" + ]; + + environment.systemPackages = [pkgs.iwgtk]; }; }