feat: add eduroam support · dunkirk.sh/dots@fa28055

dunkirk.sh / dots

fork atom

Kieran's opinionated (and probably slightly dumb) nix config

fork atom

feat: add eduroam support

dunkirk.sh 6 months ago fa28055c a2ff4a53

verified

+55 -2

3 changed files

expand all

unified split

machines

moonlark

default.nix

modules

nixos

system

wifi.nix

secrets

wifi.age

machines/moonlark/default.nix

··· 312 312 "QargoCoffee-Guest".psk = "Lavazza@7"; 313 313 "Fulton".psk = "9064405930"; 314 314 "TP-LINK_ECF0".psk = "ad1066AD!"; 315 + "eduroam" = { 316 + eduroam = true; 317 + identity = "kieranklukas@cedarville.edu"; 318 + pskVar = "psk_cedarville"; 319 + }; 315 320 }; 316 321 }; 317 322 };

+50 -2

modules/nixos/system/wifi.nix

··· 3 3 # This module provides a simpler way to declare wifi profiles with network manager. 4 4 # - you can pass the PSK via environment variable, direct value, or file. 5 5 # - profiles are defined in `atelier.network.wifi.profiles`. 6 + # - eduroam networks are supported with the `eduroam = true` flag. 6 7 # 7 8 # Example usage: 8 9 # atelier.network.wifi = { 9 10 # enable = true; 10 11 # profiles = { 11 12 # "MySSID" = { psk = "supersecret"; }; 13 + # "eduroam" = { 14 + # eduroam = true; 15 + # identity = "user@university.edu"; 16 + # psk = "password"; 17 + # }; 12 18 # }; 13 19 # }; 14 20 ··· 26 32 pskVar ? null, 27 33 psk ? null, 28 34 pskFile ? null, 35 + eduroam ? false, 36 + identity ? null, 29 37 }: 30 38 let 31 39 base = { ··· 44 52 }; 45 53 }; 46 54 sec = 47 - if pskVar != null then 55 + if eduroam then 56 + if pskVar != null then 57 + { 58 + wifi-security = { 59 + key-mgmt = "wpa-eap"; 60 + password = "$" + pskVar; 61 + identity = identity; 62 + phase2-auth = "mschapv2"; 63 + }; 64 + } 65 + else if psk != null then 66 + { 67 + wifi-security = { 68 + key-mgmt = "wpa-eap"; 69 + password = psk; 70 + identity = identity; 71 + phase2-auth = "mschapv2"; 72 + }; 73 + } 74 + else if pskFile != null then 75 + { 76 + wifi-security = { 77 + key-mgmt = "wpa-eap"; 78 + password = "$(" + pkgs.coreutils + "/bin/cat " + pskFile + ")"; 79 + identity = identity; 80 + phase2-auth = "mschapv2"; 81 + }; 82 + } 83 + else 84 + { } 85 + else if pskVar != null then 48 86 { 49 87 wifi-security = { 50 88 key-mgmt = "wpa-psk"; ··· 106 144 type = lib.types.nullOr lib.types.path; 107 145 default = null; 108 146 }; 147 + eduroam = lib.mkOption { 148 + type = lib.types.bool; 149 + default = false; 150 + description = "Enable eduroam configuration"; 151 + }; 152 + identity = lib.mkOption { 153 + type = lib.types.nullOr lib.types.str; 154 + default = null; 155 + description = "Identity for eduroam authentication"; 156 + }; 109 157 }; 110 158 } 111 159 ) 112 160 ); 113 161 default = { }; 114 - description = "Map of SSID -> { pskVar | psk | pskFile }."; 162 + description = "Map of SSID -> { pskVar | psk | pskFile | eduroam config }."; 115 163 }; 116 164 }; 117 165

secrets/wifi.age

This is a binary file and will not be displayed.