rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-01-19 01:21:39 +01:00
Code Issues Projects Releases Packages Wiki Activity

configured networks

Browse source 
vpn isn't configured yet, for cable I don't know
This commit is contained in:
Rouven Seifert 2022-12-29 15:05:26 +01:00
parent f85c5de8b7
commit 8f8ba0d250
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
6 changed files with 61 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
hosts/thinkpad/default.nix
View file

@ -5,6 +5,7 @@
[ [
./hardware-configuration.nix ./hardware-configuration.nix
./modules/autorandr ./modules/autorandr
./modules/networks
../../shared/vim.nix ../../shared/vim.nix
../../shared/input.nix ../../shared/input.nix
../../shared/sops.nix ../../shared/sops.nix
@ -16,13 +17,6 @@
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "thinkpad";
networking.networkmanager.enable = true;
networking.firewall = {
allowedUDPPorts = [ 51820 ]; # used for wireguard
checkReversePath = false;
};
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";

28
hosts/thinkpad/modules/networks/default.nix Normal file
View file

@ -0,0 +1,28 @@
{ config, ... }:
{
imports = [ ./uni.nix ];
sops.secrets."wireless-env" = {};
networking = {
hostName = "thinkpad";
firewall = {
allowedUDPPorts = [ 51820 ]; # used for wireguard
checkReversePath = false;
};
wireless = {
enable = true;
userControlled.enable = true;
environmentFile = config.sops.secrets."wireless-env".path;
networks = {
"@HOME_SSID@" = {
psk = "@HOME_PSK@";
authProtocols = [ "WPA-PSK" ];
};
"@DORM_SSID@" = {
psk = "@DORM_PSK@";
authProtocols = [ "WPA-PSK" ];
};
};
};
};
}

29
hosts/thinkpad/modules/networks/uni.nix Normal file
View file

@ -0,0 +1,29 @@
{ config, ... }:
{
networking.wireless.networks = {
eduroam ={
auth = ''
eap=PEAP
anonymous_identity="anonymous@tu-dresden.de"
ca_cert="/etc/ssl/certs/ca-certificates.crt"
domain_suffix_match="radius-eduroam.zih.tu-dresden.de"
identity="rose159e@tu-dresden.de"
password="@EDUROAM_AUTH@"
phase2="auth=mschapv2"
'';
authProtocols = [ "WPA-EAP" ];
};
agdsn ={
auth = ''
eap=TTLS
anonymous_identity="anonymous@agdsn.de"
ca_cert="/etc/ssl/certs/ca-certificates.crt"
domain_suffix_match="radius.agdsn.de"
identity="r5"
password="@AGDSN_AUTH@"
phase2="auth=PAP"
'';
authProtocols = [ "WPA-EAP" ];
};
};
}

6
secrets/thinkpad.yaml
View file

@ -1,4 +1,4 @@
o: ENC[AES256_GCM,data:OQ==,iv:bxliflmDvVoZkuJXrOGc1kh8/urnWdbt3wFcLmPcDf8=,tag:dk0FgO/KZGou4ujnZTpmOA==,type:str] wireless-env: ENC[AES256_GCM,data:ammPuyKddupz2q4zYLNzAH3W0uarrUnD4vu6ta3cboYN5egTrDrKWrgInSFNcebHUJknaS8WV8uqxFISMvi0+6KDXgf1CFpaF2xIaRhDUNr2Cd7eSCS9sbmy4tJ7Vinwt8prgElMm0heAjEgsP/ob9dAPrkFBkWXIk9pRtOZsAngqZ2CBXyPH2EciLCdJBaE+2SiQCvZfcNvsmKM2b9oTpQcP4Yp8HuWkUJthy+qyOHBq2LStiBAIjjXPqRR/PFKofPrXojs7+by,iv:63dNbgQq3fDGitfsHAxtwPzhiSyb4818a6iuc0s+zzo=,tag:edV7fPU5h8N362vonltt9g==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -14,8 +14,8 @@ sops:
S0NwYWFQcmFtTm5zTEZLVXRtMi91Zk0K3ylHH4OXduJlJxepPz9GxBzVmKGpv9LL S0NwYWFQcmFtTm5zTEZLVXRtMi91Zk0K3ylHH4OXduJlJxepPz9GxBzVmKGpv9LL
ApkEQxfPL4Bxrb2XOFLOYqJGv2SwxBv1QNYT7eTXRLTEsIXUHR0MGA== ApkEQxfPL4Bxrb2XOFLOYqJGv2SwxBv1QNYT7eTXRLTEsIXUHR0MGA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2022-12-27T16:39:22Z" lastmodified: "2022-12-29T13:31:52Z"
mac: ENC[AES256_GCM,data:ziliEa5Nqxpgp8fAQ89TjnUvCpSH813aViSpBZGqAq+fO0QSsNOIGiTCVoEskwAhIUK733rheJpBKfhApGk87Z/aZeUV3KYMhA80n8J5TMwqXAMoIqlYVXJv/HkRF40yafkSlDewURgUE+dx/IqKT++XOA5/S6E2lyLvTpsEyDc=,iv:gste7RZyzgrE8FdLYruAvdc6Obq/KCJFx4YPd4NWEjs=,tag:BGwL2z/6rgW6hZTcQ7hFMQ==,type:str] mac: ENC[AES256_GCM,data:F60xsH+HRhYxx8MNjWeY/tt40rAi2QLNxuZjFxAkP8RUNZyHyZaqR1ZBSUgyaLz4UvFxv9AacRs4+Gwt9a2ndIX9tHl11TE0WRnRvQGKfyND8mK5tc7G3wwxWd5n+ZiiMqSfJ0WXf5EWCh9OBetSUtQZ4yO3IEQRSr+3hv8xTyo=,iv:DN/dTSX3HAUeiT2Ii47vWxISsRw99fLQZ87Ur6VKw00=,tag:fVT4rNDyX03E1ZWJ5ZDH9w==,type:str]
pgp: pgp:
- created_at: "2022-12-27T16:39:15Z" - created_at: "2022-12-27T16:39:15Z"
enc: |- enc: |-

2
users/rouven/modules/awesome/rc.lua
View file

@ -21,9 +21,7 @@ local hotkeys_popup = require("awful.hotkeys_popup")
require("awful.hotkeys_popup.keys") require("awful.hotkeys_popup.keys")
-- Autstart some stuff -- Autstart some stuff
awful.spawn.with_shell("nm-applet")
awful.spawn.with_shell("light-locker --lock-on-lid") awful.spawn.with_shell("light-locker --lock-on-lid")
-- awful.spawn.with_shell("nextcloud")
-- Handle runtime errors after startup -- Handle runtime errors after startup
do do

1
users/rouven/modules/packages.nix
View file

@ -2,7 +2,6 @@
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
# essentials # essentials
networkmanagerapplet
pcmanfm pcmanfm
xsel xsel
lightlocker lightlocker