configured networks

vpn isn't configured yet, for cable I don't know
2025-04-25 16:08:30 +02:00 · 2022-12-29 15:05:26 +01:00 · 2022-12-29 15:05:26 +01:00 · 8f8ba0d250
commit 8f8ba0d250
parent f85c5de8b7
6 changed files with 61 additions and 13 deletions
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -5,6 +5,7 @@
    [
      ./hardware-configuration.nix
      ./modules/autorandr
+      ./modules/networks
      ../../shared/vim.nix
      ../../shared/input.nix
      ../../shared/sops.nix
@ -16,13 +17,6 @@
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

-  networking.hostName = "thinkpad";
-  networking.networkmanager.enable = true;
-  networking.firewall = {
-    allowedUDPPorts = [ 51820 ]; # used for wireguard
-    checkReversePath = false;
-  };
-
  # Set your time zone.
  time.timeZone = "Europe/Berlin";

--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@ -0,0 +1,28 @@
+{ config, ... }:
+{
+  imports = [ ./uni.nix ];
+
+  sops.secrets."wireless-env" = {};
+  networking = {
+    hostName = "thinkpad";
+    firewall = {
+      allowedUDPPorts = [ 51820 ]; # used for wireguard
+      checkReversePath = false;
+    };
+    wireless = {
+      enable = true;
+      userControlled.enable = true;
+      environmentFile = config.sops.secrets."wireless-env".path;
+      networks = {
+        "@HOME_SSID@" = {
+          psk = "@HOME_PSK@";
+          authProtocols = [ "WPA-PSK" ];
+        };
+        "@DORM_SSID@" = {
+          psk = "@DORM_PSK@";
+          authProtocols = [ "WPA-PSK" ];
+        };
+      };
+    };
+  };
+}
--- a/hosts/thinkpad/modules/networks/uni.nix
+++ b/hosts/thinkpad/modules/networks/uni.nix
@ -0,0 +1,29 @@
+{ config, ... }:
+{
+  networking.wireless.networks = {
+    eduroam ={
+      auth = ''
+        eap=PEAP
+        anonymous_identity="anonymous@tu-dresden.de"
+        ca_cert="/etc/ssl/certs/ca-certificates.crt"
+        domain_suffix_match="radius-eduroam.zih.tu-dresden.de"
+        identity="rose159e@tu-dresden.de"
+        password="@EDUROAM_AUTH@"
+        phase2="auth=mschapv2"
+      '';
+      authProtocols = [ "WPA-EAP" ];
+    };
+    agdsn ={
+      auth = ''
+        eap=TTLS
+        anonymous_identity="anonymous@agdsn.de"
+        ca_cert="/etc/ssl/certs/ca-certificates.crt"
+        domain_suffix_match="radius.agdsn.de"
+        identity="r5"
+        password="@AGDSN_AUTH@"
+        phase2="auth=PAP"
+      '';
+      authProtocols = [ "WPA-EAP" ];
+    };
+  };
+}