nixos-conf/modules/networking/wireless.nix

71 lines
1.8 KiB
Nix

{ config, lib, ... }:
let
cfg = config.custom.networking.wireless;
in
{
options.custom.networking.wireless.enable =
lib.mkEnableOption "wireless networking with preconfigured networks";
config = lib.mkIf cfg.enable {
sops = {
secrets = {
WRT_Personal_PSK.sopsFile = ../../secrets/wireless.yaml;
WLNPub_PSK.sopsFile = ../../secrets/wireless.yaml;
ViliMobile_PSK.sopsFile = ../../secrets/wireless.yaml;
};
templates."wpa_supplicant_secrets".content = ''
WRT_Personal_PSK=${config.sops.placeholder.WRT_Personal_PSK}
WLNPub_PSK=${config.sops.placeholder.WLNPub_PSK}
ViliMobile_PSK=${config.sops.placeholder.ViliMobile_PSK}
'';
};
networking.networkmanager.unmanaged = [ "except:type:wifi" ];
networking.wireless = {
fallbackToWPA2 = false;
enable = true;
userControlled.enable = true;
secretsFile = config.sops.templates."wpa_supplicant_secrets".path;
extraConfig = ''
mac_addr=1
'';
networks = {
WRT_Personal = {
authProtocols = [ "SAE" ];
pskRaw = "ext:WRT_Personal_PSK";
priority = 100;
extraConfig = ''
ieee80211w=2
pairwise=CCMP
group=CCMP
mac_addr=0
'';
};
WLNPub = {
# TODO Fix
pskRaw = "ext:WLNPub_PSK";
priority = 100;
extraConfig = ''
ieee80211w=2
pairwise=CCMP
group=CCMP
mac_addr=0
'';
};
ViliMobile = {
authProtocols = [ "SAE" ];
pskRaw = "ext:ViliMobile_PSK";
priority = 50;
extraConfig = ''
ieee80211w=2
pairwise=CCMP
group=CCMP
mac_addr=0
'';
};
};
};
};
}