dunkirk.sh / dots
Kieran's opinionated (and probably slightly dumb) nix config
fork atom

feat: add eduroam support

dunkirk.sh fa28055c a2ff4a53

verified
options
unified split
Changed files
+55 -2
machines
moonlark
default.nix
modules
nixos
system
wifi.nix
secrets
wifi.age
+5
machines/moonlark/default.nix 
···

       
312

       
312

       
 

       
        "QargoCoffee-Guest".psk = "Lavazza@7";


     

       
313

       
313

       
 

       
        "Fulton".psk = "9064405930";


     

       
314

       
314

       
 

       
        "TP-LINK_ECF0".psk = "ad1066AD!";


     

       

       
315

       
+

       
        "eduroam" = {


     

       

       
316

       
+

       
          eduroam = true;


     

       

       
317

       
+

       
          identity = "kieranklukas@cedarville.edu";


     

       

       
318

       
+

       
          pskVar = "psk_cedarville";


     

       

       
319

       
+

       
        };


     

       
315

       
320

       
 

       
      };


     

       
316

       
321

       
 

       
    };


     

       
317

       
322

       
 

       
  };
+50 -2
modules/nixos/system/wifi.nix 
···

       
3

       
3

       
 

       
# This module provides a simpler way to declare wifi profiles with network manager.


     

       
4

       
4

       
 

       
# - you can pass the PSK via environment variable, direct value, or file.


     

       
5

       
5

       
 

       
# - profiles are defined in `atelier.network.wifi.profiles`.


     

       

       
6

       
+

       
# - eduroam networks are supported with the `eduroam = true` flag.


     

       
6

       
7

       
 

       
#


     

       
7

       
8

       
 

       
# Example usage:


     

       
8

       
9

       
 

       
#   atelier.network.wifi = {


     

       
9

       
10

       
 

       
#     enable = true;


     

       
10

       
11

       
 

       
#     profiles = {


     

       
11

       
12

       
 

       
#       "MySSID" = { psk = "supersecret"; };


     

       

       
13

       
+

       
#       "eduroam" = {


     

       

       
14

       
+

       
#         eduroam = true;


     

       

       
15

       
+

       
#         identity = "user@university.edu";


     

       

       
16

       
+

       
#         psk = "password";


     

       

       
17

       
+

       
#       };


     

       
12

       
18

       
 

       
#     };


     

       
13

       
19

       
 

       
#   };


     

       
14

       
20

       
 

       



     
···

       
26

       
32

       
 

       
      pskVar ? null,


     

       
27

       
33

       
 

       
      psk ? null,


     

       
28

       
34

       
 

       
      pskFile ? null,


     

       

       
35

       
+

       
      eduroam ? false,


     

       

       
36

       
+

       
      identity ? null,


     

       
29

       
37

       
 

       
    }:


     

       
30

       
38

       
 

       
    let


     

       
31

       
39

       
 

       
      base = {


     
···

       
44

       
52

       
 

       
        };


     

       
45

       
53

       
 

       
      };


     

       
46

       
54

       
 

       
      sec =


     

       
47

       

       
-

       
        if pskVar != null then


     

       

       
55

       
+

       
        if eduroam then


     

       

       
56

       
+

       
          if pskVar != null then


     

       

       
57

       
+

       
            {


     

       

       
58

       
+

       
              wifi-security = {


     

       

       
59

       
+

       
                key-mgmt = "wpa-eap";


     

       

       
60

       
+

       
                password = "$" + pskVar;


     

       

       
61

       
+

       
                identity = identity;


     

       

       
62

       
+

       
                phase2-auth = "mschapv2";


     

       

       
63

       
+

       
              };


     

       

       
64

       
+

       
            }


     

       

       
65

       
+

       
          else if psk != null then


     

       

       
66

       
+

       
            {


     

       

       
67

       
+

       
              wifi-security = {


     

       

       
68

       
+

       
                key-mgmt = "wpa-eap";


     

       

       
69

       
+

       
                password = psk;


     

       

       
70

       
+

       
                identity = identity;


     

       

       
71

       
+

       
                phase2-auth = "mschapv2";


     

       

       
72

       
+

       
              };


     

       

       
73

       
+

       
            }


     

       

       
74

       
+

       
          else if pskFile != null then


     

       

       
75

       
+

       
            {


     

       

       
76

       
+

       
              wifi-security = {


     

       

       
77

       
+

       
                key-mgmt = "wpa-eap";


     

       

       
78

       
+

       
                password = "$(" + pkgs.coreutils + "/bin/cat " + pskFile + ")";


     

       

       
79

       
+

       
                identity = identity;


     

       

       
80

       
+

       
                phase2-auth = "mschapv2";


     

       

       
81

       
+

       
              };


     

       

       
82

       
+

       
            }


     

       

       
83

       
+

       
          else


     

       

       
84

       
+

       
            { }


     

       

       
85

       
+

       
        else if pskVar != null then


     

       
48

       
86

       
 

       
          {


     

       
49

       
87

       
 

       
            wifi-security = {


     

       
50

       
88

       
 

       
              key-mgmt = "wpa-psk";


     
···

       
106

       
144

       
 

       
                type = lib.types.nullOr lib.types.path;


     

       
107

       
145

       
 

       
                default = null;


     

       
108

       
146

       
 

       
              };


     

       

       
147

       
+

       
              eduroam = lib.mkOption {


     

       

       
148

       
+

       
                type = lib.types.bool;


     

       

       
149

       
+

       
                default = false;


     

       

       
150

       
+

       
                description = "Enable eduroam configuration";


     

       

       
151

       
+

       
              };


     

       

       
152

       
+

       
              identity = lib.mkOption {


     

       

       
153

       
+

       
                type = lib.types.nullOr lib.types.str;


     

       

       
154

       
+

       
                default = null;


     

       

       
155

       
+

       
                description = "Identity for eduroam authentication";


     

       

       
156

       
+

       
              };


     

       
109

       
157

       
 

       
            };


     

       
110

       
158

       
 

       
          }


     

       
111

       
159

       
 

       
        )


     

       
112

       
160

       
 

       
      );


     

       
113

       
161

       
 

       
      default = { };


     

       
114

       

       
-

       
      description = "Map of SSID -> { pskVar | psk | pskFile }.";


     

       

       
162

       
+

       
      description = "Map of SSID -> { pskVar | psk | pskFile | eduroam config }.";


     

       
115

       
163

       
 

       
    };


     

       
116

       
164

       
 

       
  };


     

       
117

       
165
secrets/wifi.age

This is a binary file and will not be displayed.