modules/nixos/sils/networking.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

{
  config,
  self,
  lib,
  ...
}: let
  cfg = config.sils.networking;
in {
  options.sils.networking.enable = lib.mkEnableOption "networking";
  config = lib.mkIf cfg.enable {
    networking = {
      enableIPv6 = false;
      useDHCP = true;
      #nameservers = ["2620:fe::fe" "2620:fe::9" "9.9.9.9" "149.112.112.112"];
      wireless = {
        enable = true;
        environmentFile = config.age.secrets.wireless.path;
        networks = {
          # Important: Never forget the second '@'!
          "@SSID_N0@".psk = "@PSK_N0@";
          "@SSID_N1@".psk = "@PSK_N1@";
          "@SSID_N2@" = {
            hidden = true;
            psk = "@PSK_N2@";
          };
          "@SSID_N3@".psk = "@PSK_N3@";
          "@SSID_N4@" = {
            auth = ''
              proto=RSN
              key_mgmt=WPA-EAP
              pairwise=CCMP
              auth_alg=OPEN
              eap=PEAP
              identity="@IDENTITY_N4@"
              password="@PSK_N4@"
              ca_cert="${self}/files/DNSX-CA.pem"
            '';
          };
          "@SSID_N5@".psk = "@PSK_N5@";
          "GPN-Open".auth = ''
            key_mgmt=OWE
          '';
        };
        userControlled = {
          enable = true;
          group = "wheel"; # TODO: Change this?
        };
      };
    };
  };
}