From 076a7cacfeb47371f041bb29948a4c0b636540e7 Mon Sep 17 00:00:00 2001
From: Rouven Seifert
Date: Thu, 22 Aug 2024 11:39:42 +0200
Subject: [PATCH] network: rework wpa supplicant
---
 hosts/thinkpad/default.nix | 3 +-
 hosts/thinkpad/modules/networks/default.nix | 2 +-
 hosts/thinkpad/modules/networks/uni.nix | 13 +-
 shared/zsh.nix | 157 ++++++++++----------
 4 files changed, 90 insertions(+), 85 deletions(-)
diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix
index 759bb3c..c9bee3f 100755
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@@ -20,7 +20,6 @@
 "soft-reboot.target"
 "systemd-soft-reboot.service"
 ];
- # Use the systemd-boot EFI boot loader.
 boot = {
 kernelModules = [ "v4l2loopback" ];
@@ -107,7 +106,7 @@
 services = {
- # envfs.enable = true; #usr/bin fixes
+ envfs.enable = true; #usr/bin fixes
 blueman.enable = true; # bluetooth
 devmon.enable = true; # automount stuff
 upower.enable = true;
diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix
index 98541a0..b46ab04 100644
--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@@ -36,7 +36,7 @@
 "2620:fe::9"
 ];
 # allow downgrade since fritzbox at home doesn't support it (yet?)
- dnssec = "allow-downgrade";
+ # dnssec = "allow-downgrade";
 };
 networking = {
 nftables.enable = true;
diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix
index 74374dd..67ad168 100644
--- a/hosts/thinkpad/modules/networks/uni.nix
+++ b/hosts/thinkpad/modules/networks/uni.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
 {
 age.secrets = {
 tud.file = ../../../../secrets/thinkpad/tud.age;
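Review bot: Enabling `envfs.enable = true;` in the `services` block is unrelated to the wpa_supplicant rework named in the subject, and its trailing comment `#usr/bin fixes` does not say what the option changes. envfs is a FUSE mount that answers lookups under /usr/bin and /bin from the calling process's PATH, so a script with a hard-coded `/usr/bin/...` path now runs whatever that caller's PATH resolves to; this matters more once PATH is forwarded into root sessions, as the `run0` alias added in shared/zsh.nix does. I would move this to its own commit and extend the comment, e.g. `# envfs: /usr/bin and /bin resolve via the caller's PATH (for hard-coded shebangs)`.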
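Review bot: Commenting out `dnssec = "allow-downgrade";` leaves DNSSEC validation at whatever the module default is, while the comment above it still explains the old value rather than why validation was dropped. On recent NixOS releases the default for resolved is, as far as I know, `"false"`, so this probably turns validation off on every network and not only behind the Fritzbox; whether DNS-over-TLS is configured to compensate is not visible in this hunk. If that is the intent, state it as a setting with a reason, `dnssec = "false"; # <why validation is off>`, instead of a commented-out line, and update the stale comment. The enclosing attribute set (presumably `services.resolved`) starts outside the hunk.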
@@ -8,15 +8,12 @@
 };
 };
 networking = {
- supplicant = rec {
- enp0s31f6 = {
+ supplicant = {
+ "LAN" = {
 userControlled.enable = true;
 driver = "wired";
 configFile.path = config.age.secrets.dyport-auth.path;
 };
- # ugly way to add more interfaces
- # "enp0s13f0u2u1" = enp0s31f6;
- # "enp0s13f0u3u1" = enp0s31f6;
 };
 wireless.networks = {
 eduroam = {
@@ -143,5 +140,9 @@
 LockPersonality = true;
 };
 };
+ # fix systemd dependencies for supplicant services
+ "supplicant-lan@" = {
+ wantedBy = lib.mkForce [ ];
+ };
 };
 }
diff --git a/shared/zsh.nix b/shared/zsh.nix
index 69530b7..38508fa 100644
--- a/shared/zsh.nix
+++ b/shared/zsh.nix
@@ -1,4 +1,19 @@
 { pkgs, config, lib, ... }:
+let
+ switch = pkgs.writeShellScript "switch.sh" ''
+ OUT_PATH=/tmp/nixos-rebuild-nom-$(date +%s)
+ ${lib.getExe pkgs.nix-output-monitor} build /etc/nixos\#nixosConfigurations.${config.networking.hostName}.config.system.build.toplevel -o $OUT_PATH
+ ${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set $OUT_PATH
+ $OUT_PATH/bin/switch-to-configuration switch
+ unlink $OUT_PATH
+ '';
+ garbage = pkgs.writeShellScript "garbage.sh" ''
+ nix-collect-garbage -d
+ echo Cleaning up boot entries...
+ /run/current-system/bin/switch-to-configuration boot
+ echo Done
+ '';
+in
 {
 programs.command-not-found.enable = false;
 programs.nix-index-database.comma.enable = true;
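Review bot: Renaming the supplicant entry from the `enp0s31f6` interface to `"LAN"` widens where the 802.1X credentials in `dyport-auth` are used. As I understand the NixOS `networking.supplicant` module, `"LAN"` attaches wpa_supplicant to every wired interface that appears, USB adapters included, so the laptop will start EAP with that identity on any wired port it is plugged into and not only at the university. Whether that is acceptable depends on the age-encrypted config pinning the authentication server (CA certificate and server-name match), which is not visible here; please confirm it does and note it in a comment next to `configFile.path`. `userControlled.enable = true;` is unchanged context, but after this change it applies to all of those interfaces as well.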
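Review bot: The comment `# fix systemd dependencies for supplicant services` on the new `"supplicant-lan@"` override does not say which dependency was wrong or what starts the unit afterwards. `wantedBy = lib.mkForce [ ];` removes every install target from the template, so instances only run when something else (presumably the udev rule the module installs for `"LAN"`) instantiates them; if that trigger is absent, wired 802.1X never comes up and nothing reports it. I would spell the reason out, along the lines of `# instances are started per interface by udev; clear wantedBy so the bare template is not pulled in at boot`, adjusted to the actual cause. The enclosing attribute set begins outside the hunk.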
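Review bot: The new `switch` script has no error handling and builds into a predictable path under /tmp, and through the `run0 ${switch}` alias it now runs entirely as root, the build included (the old function only elevated the last two steps). Without `set -e`, a failed or interrupted build still falls through to `nix-env ... --set $OUT_PATH` and `$OUT_PATH/bin/switch-to-configuration switch`, which then act on whatever exists at `/tmp/nixos-rebuild-nom-<timestamp>` in a world-writable directory. Start the script with `set -euo pipefail`, put the result link in a private directory with `OUT_PATH=$(mktemp -d)/result`, and quote it as `"$OUT_PATH"`. The `garbage` script in the same hunk calls bare `nix-collect-garbage`, which is resolved through the PATH handed to root; `${config.nix.package}/bin/nix-collect-garbage -d` would pin it the way the other commands are pinned.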
@@ -15,88 +30,78 @@
 programs.fzf = {
 keybindings = true;
 };
- programs.zsh = {
- enable = true;
- shellAliases = {
- rm = "trash";
- ls = "eza --icons";
- l = "ls -l";
- ll = "ls -la";
- la = "ls -a";
- less = "bat";
- update = "cd /etc/nixos && nix flake update";
- msh = "f() {mosh $1 zsh};f";
- };
- histSize = 100000;
- histFile = "~/.local/share/zsh/history";
- syntaxHighlighting.enable = true;
- autosuggestions = {
+ programs.zsh =
+ {
 enable = true;
- highlightStyle = "fg=#00bbbb,bold";
- };
- shellInit = ''
- zsh-newuser-install () {}
- '';
+ shellAliases = {
+ rm = "trash";
+ ls = "eza --icons";
+ l = "ls -l";
+ ll = "ls -la";
+ la = "ls -a";
+ less = "bat";
+ run0 = "run0 --setenv=PATH=$PATH --setenv=LOCALE_ARCHIVE=$LOCALE_ARCHIVE";
+ update = "cd /etc/nixos && nix flake update";
+ switch = "run0 ${switch}";
+ };
+ histSize = 100000;
+ histFile = "~/.local/share/zsh/history";
+ syntaxHighlighting.enable = true;
+ autosuggestions = {
+ enable = true;
+ highlightStyle = "fg=#00bbbb,bold";
+ };
+ shellInit = ''
+ zsh-newuser-install () {}
+ '';
- interactiveShellInit =
- ''
- export MCFLY_KEY_SCHEME=vim
- export MCFLY_FUZZY=2
- export MCFLY_DISABLE_MENU=TRUE
- export MCFLY_RESULTS=30
- export MCFLY_INTERFACE_VIEW=BOTTOM
- export MCFLY_PROMPT="❯"
- # fix for networkctl
- zstyle ':completion:*:complete:networkctl:*' list-grouped true
- source ${pkgs.agdsn-zsh-config}/etc/zsh/zshrc
- source ${pkgs.zsh-fzf-tab}/share/fzf-tab/fzf-tab.plugin.zsh
- unsetopt extendedglob
+ interactiveShellInit =
+ ''
+ export MCFLY_KEY_SCHEME=vim
+ export MCFLY_FUZZY=2
+ export MCFLY_DISABLE_MENU=TRUE
+ export MCFLY_RESULTS=30
+ export MCFLY_INTERFACE_VIEW=BOTTOM
+ export MCFLY_PROMPT="❯"
+ # fix for networkctl
+ zstyle ':completion:*:complete:networkctl:*' list-grouped true
+ source ${pkgs.agdsn-zsh-config}/etc/zsh/zshrc
+ source ${pkgs.zsh-fzf-tab}/share/fzf-tab/fzf-tab.plugin.zsh
+ unsetopt extendedglob
- function svpn() {
- unit=$(systemctl list-unit-files | grep "openconnect\|wg-quick\|wireguard\|openvpn\|openfortivpn" | cut -d "." -f1 | ${pkgs.fzf}/bin/fzf --preview 'systemctl status {}')
- if [ $(systemctl is-active $unit) = "inactive" ]; then
- systemctl start $unit
- else
- systemctl stop $unit
- fi
- }
+ function svpn() {
+ unit=$(systemctl list-unit-files | grep "openconnect\|wg-quick\|wireguard\|openvpn\|openfortivpn" | cut -d "." -f1 | ${pkgs.fzf}/bin/fzf --preview 'systemctl status {}')
+ if [ $(systemctl is-active $unit) = "inactive" ]; then
+ systemctl start $unit
+ else
+ systemctl stop $unit
+ fi
+ }
- prompt_dir() {
- prompt_segment blue $CURRENT_FG '%c'
- }
+ prompt_dir() {
+ prompt_segment blue $CURRENT_FG '%c'
+ }
- switch() {
- sudo true # ask the password so we can leave during the (sometimes quite long) build process
- OUT_PATH=/tmp/nixos-rebuild-nom-$(date +%s)
- ${lib.getExe pkgs.nix-output-monitor} build /etc/nixos\#nixosConfigurations.${config.networking.hostName}.config.system.build.toplevel -o $OUT_PATH
- sudo ${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set $OUT_PATH
- sudo $OUT_PATH/bin/switch-to-configuration switch
- unlink $OUT_PATH
- }
+ garbage() {
+ ${pkgs.home-manager}/bin/home-manager expire-generations "-0 days"
+ run0 --setenv=PATH=$PATH --setenv=LOCALE_ARCHIVE=$LOCALE_ARCHIVE ${garbage}
+ }
- garbage() {
- ${pkgs.home-manager}/bin/home-manager expire-generations "-0 days"
- sudo nix-collect-garbage -d
- echo Cleaning up boot entries...
- sudo /run/current-system/bin/switch-to-configuration boot
- echo Done
- }
-
- sysdiff() {
- echo System package diff:
- ${config.nix.package}/bin/nix store diff-closures $(command ls -d /nix/var/nix/profiles/system-* | tail -2)
- }
- '';
- promptInit =
- ''
- # if [[ "$(hostname)" == "thinkpad" ]]
- # then
- # cat ${../images/cat.sixel}
- # fi
- eval "$(${pkgs.mcfly}/bin/mcfly init zsh)"
- eval "$(${pkgs.zoxide}/bin/zoxide init zsh)"
- '';
- };
+ sysdiff() {
+ echo System package diff:
+ ${config.nix.package}/bin/nix store diff-closures $(command ls -d /nix/var/nix/profiles/system-* | tail -2)
+ }
+ '';
+ promptInit =
+ ''
+ # if [[ "$(hostname)" == "thinkpad" ]]
+ # then
+ # cat ${../images/cat.sixel}
+ # fi
+ eval "$(${pkgs.mcfly}/bin/mcfly init zsh)"
+ eval "$(${pkgs.zoxide}/bin/zoxide init zsh)"
+ '';
+ };
 }
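Review bot: The new `run0` alias forwards the interactive user's PATH into every root session (`--setenv=PATH=$PATH`), and `garbage()` repeats the same flags by hand. run0 starts the privileged process from a clean environment by design; handing it the caller's PATH means root resolves unqualified command names through the user's search path, including any directory on it that the user account can write to. I would keep only `--setenv=LOCALE_ARCHIVE=$LOCALE_ARCHIVE` in the alias and have the root scripts reference store paths for the tools they need. Separately, the hunk drops the `msh` alias without mention and is otherwise almost entirely re-indentation of `programs.zsh`, which buries the three functional changes (`run0`, `switch`, `garbage`); a formatting-only commit would make them reviewable.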