From 07dab576159b603851cb2bb217aeb84a02eef25d Mon Sep 17 00:00:00 2001 From: 0x5a4 <54070204+0x5a4@users.noreply.github.com> Date: Wed, 13 Nov 2024 21:26:22 +0100 Subject: [PATCH] easyroam woop woop --- flake.lock | 16 ++++++++++++++++ flake.nix | 2 ++ host/secrets/easyroam | 24 ++++++++++++++++++++++++ host/share/wifi.nix | 29 +++++++++++++++-------------- mod/nixos/default.nix | 1 + 5 files changed, 58 insertions(+), 14 deletions(-) create mode 100644 host/secrets/easyroam diff --git a/flake.lock b/flake.lock index e3d5e87..97f0f06 100644 --- a/flake.lock +++ b/flake.lock @@ -253,6 +253,21 @@ "type": "github" } }, + "nix-easyroam": { + "locked": { + "lastModified": 1731529076, + "narHash": "sha256-tco4Rtkx8L8MoZNAMHgye6BOG2GfZYmfOhuLuG/rwGM=", + "owner": "0x5a4", + "repo": "nix-easyroam", + "rev": "1bc6c61771f177b4dbb6802d50db4deca18d3806", + "type": "github" + }, + "original": { + "owner": "0x5a4", + "repo": "nix-easyroam", + "type": "github" + } + }, "nix-formatter-pack": { "inputs": { "nixpkgs": [ @@ -460,6 +475,7 @@ "flake-programs-sqlite": "flake-programs-sqlite", "hardware": "hardware", "home-manager": "home-manager", + "nix-easyroam": "nix-easyroam", "nix-on-droid": "nix-on-droid", "nixpkgs": "nixpkgs_2", "nur": "nur", diff --git a/flake.nix b/flake.nix index 309cdff..0286bd5 100644 --- a/flake.nix +++ b/flake.nix @@ -13,6 +13,8 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + nix-easyroam.url = "github:0x5a4/nix-easyroam"; + home-manager = { url = "github:0x5a4/home-manager/init-wayfire"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/host/secrets/easyroam b/host/secrets/easyroam new file mode 100644 index 0000000..c5130aa --- /dev/null +++ b/host/secrets/easyroam @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:DU82GkrLggTCvHQx4utnIfrzJY1gEEPR5s6vwWpjAfDqaFFly1ujXc2H+bzle2LV0WXlOq0AHsytgYMIcHLClgc+VJba73CzjKXnCgKZWoTd8ZYBBaGJBw3X1SBP1IfnFTpUri9RZ5qxPp3dO/Tk30W4VEDdbmQI3T/D+qKT2fxupZYofUfvl38FIyy3m8KXXmAfl+3ogm2E3OWW0GeR+JFfU89Ln9/+9NJORf3nDfIbUY7UzMKyEA5XZkF5J8/XkxVLN/2r8SJLIY4zdtfPvLY9kpOgFlcf8c3tnGUReArQnOvPXRbcAG9IZd0b/o+J/bvjWpQ7BeunhJqVd5xGaSPE6wwaHBNHlXMmI4uoWHwva2gF4rkyUeNkT8icmlOnr7REkBwFm9jX2QTbypNLuntZNQVmc9aNpMbr7xArMTLV9xfA8oOBLgRaGjUS46i4Jo6sYvv6uFpkHzLy62tJEti02KN6hd+sBHd+GEU9+j63lnzEZ+M9F4qPZYfhKKPvq6xAXn8ZQGMr5LVVa0RxPrFSWRurrZNOevvZ88QNm7sIUbjrDFSuHgC7TcIXckUJz2osZH1JLsHCULVdtkXFvsRouYudAaBe9DfMhkhEmfydQdI08uRuNB4UTYzKGhDjjzLkriv1ASuJeoI46Um885NB/hfjJzvkzPfC3Yiia4KkAaBqnSC0uK84r400Qz54xTMTdEaIWht7wLv3aBkjsIySbNjaiKqtMwLpZLXXEPvAtwDs1S7fM6qW1J27mSWl4dsce14D0nWhW1/N/+luB71Bf8Vl+pq0sSGx+Z345yEpeZvYeJbzMY1ZXGzObf11vKCrus2pzP9COMftumg1Mkx/P+9LiooDabFktISfMPdd7qsHKdQmyhc5wINzKIWC4mEgkKtC/M7sxt0XUnoPvMQG+hRz2d5y4lxa+tP9tDlISYoeCAPNZ9dkmFh8KECUW1+6pgyQSx4eQcb7A2zy+/Vtm2/szawR9L6Ue8S29sH7nH6Q2yvOSNK1+/+umqr0Ipwh/x/RYQXc5uJ+qUa/3sda74+47zkpMidZQR7HwK4QSdGx5icQaluC7V1GjpvncvvmEdtxE2CHqwX4IndfO93ObIPU85MEqg3633TrHd9A3huRsDnypURqklJ16cT3PaUO/6dlNfJw/7iz9CVLCnbQvxv/ys/MdxJxn+0ry5IupviIXu07SpR7ozmxfxZ93wzKV1Crnw0ZIPKZU5vuCBP6VsUkrhs9ljjIKGzmj3Qj7IeAOSDv7c3yu55ZbZhbejfQ0tQtMYJBjuu6OBOmGiZ6YGvB1Hg4xjQbkuXvc52H5aezt96Y5+czBBFkwbpO3ldbHTkrfRzyUHSxAsjwRBHXwsdkGu4lQV23zWr8ShPyD/8LLjPXeC7hcZTD+hSfEEx8s5x7kjgTfeoMFIZ/NfmPk05pbe4oobbR8AskQqynmxYNIG/bxBX52Jp9BSgAGgJ0JtvZkC+pWPNoPR97P1En6TYRDsAsFmd/kwZKeE0ttkbM7+laiq1nPmeYhuVf2KnNeit0mM2EofDUfWCTOrz8ThfYRJO7DYBYv+YOQQRllco5viCp17jhAP9q1ySIUYdMwOZ60iaSUctGQhoIB54V0HJ41S9ZP+4k/bDvzzbiCcz+j21NlBQmJ0GExvuLOfAUTmLA3zC/YWj0+VKtUziHQ9kvABrWTpfLjgSmzfDe/6KLH6LKhIalhfzGr5UkmKoI3HneQR+EE7FVjFunIUQrmRuC5JudgFYYBiEJSfxGShlB6isyO7NdWc1PnuXqswmJ2Y7lwxfAZrO3qFa/Q51rprvkmfD/9sAWM0YYF9WIeeV6WNHgSHRrvd0wEUahhy/+gA96exjobM0TDIvWu0rm46ObZF6aStL43etp0M9BCdIxQDofiMq4y4RQ0QqWqOuBSOVLH+Kf+OVtRS2aIllw9H5VSh8K+PnmCZ7cDOaaKb+ewv6GmY8s3BJYNqN/x4ujVqpsNIK0mGOeVR2o+H5mBxGlLrnRyUSOcYC8WWjibEU2Ob/V3O5OrMq40j25TMXBXL8x5o6lx2FHZ6bY8luX7c5F/ud869beHgFXWCsi62dfDbMib3bZofMd4gEx8Lv/Te9pKjq5QKlL/kXfphBgp+F9xYFStckJgoAaDx6tZQrEqW2kgc9NN5O83Up8BXX2+izNLM0x2ApPC/iELLyfUBBruqMkw6hCTw5CHB/6bSDTui9j5mhN2Ij0Wm06xxojBz93R5FYyHQ/omnaYSiTdOXguUQ/0KGl19hbkOJ4CVfl5FJeRbK2m6rzAuxhJIKbF2l1CejtgDQQHI4ucduJgunWIv+kaMq7KlzJ72a+MGGUGqwBvm+Gf1rTHRpgNPWSKJv7ccyuP0/PSdv53V712cESeUMbTj7JgwwFCIMX0RWpMzk5878caaRQAGNscqAbT/GHz7ApD3MXtaK3D0LtjEj/7th7PMvLB2lEY047ESckqynoQCTQIUb+XXtI+hXuENG+a84MCZbKkEE2NF/BAy2W5BerQpsmNyU3d9RU3ETGNgfr81RLmv/3uBmf7sBI6t2GLmLJCp4gCREorMIWFsKjNIV+HYq4NvFFzcre1lWUeJJ6OksuI8izlwd3gCt2sC/L4xnJtCA1cY9IPIi+tIp+WbBp/e18K6ixmGTtyPB/GaiyVBcEZzSlmGf5gS/VK0Va/Zwoy2b4IDNBxkFcQ6tT58xvjX3ujT8uf7u53iWmkL98NW7kmQmAqnlP8t8h72UvxuG7Ldc06qPCPx5Y8M5wQ6myKrTAca3+q06ddyM6HepkwnPQgtIuy2vBqjvoDJhtH0EapfDF0a7e3iHn2y/pOzT/X4X24PykuBeW6AaljuOZcDv2hLOzd49qbWL7PegAc4FV+WOKhJBXes1sHBZWrbQMH3ThLVbXQzxpInKZGRjS7BQVc/x9l4FiUVnPyfau2dF5tMoiKqTsFYBpzGVMezhtTgTSQ3m0UMRH4Nist5APrzUfQgeKmUfK7yhie/L3QSv09LBw1dV5H2s8ic/jG2fYyuZiWsJzdND6w7tpi/0/kZRZv6Klydx+RIESiIhPi5dfe7DeWKfeShgrRX93auyAodJLGypcZXFtIfgV+iwq309aKYCfX/0u5cMJVqmsSLeMgMmS7My01IsV2Xp7PD4SXgjMB0NM98/8PkuB1yA8k1rAbkhaWQbDbXbYNf+uNE8Q7+fwO35s0ZptJdEl3vQGlM4QKIKQnnTo7z3W+r0/ekA5DviKgW+fVZfJ4mTyPa8I+GmByOtflsborOZ503gjDfcpeg7go1wmasQQQ51iXMTo4kXMt40DHTGRSm4OPS5u9bG4DqlofUHQvB7Na2I4vmGmhEI0h4rUyAFUwIUXuYUlY+N1pNegoH8vhugI3qVR9JCHncFT4Rr5YR+/UBIuLK/HyPeq49bNXblaiaZg8PrnN3YYVdFmEsTXhFFRo28s1h0OCBcBLVdW2aYwTwSK+qsvKMVPgUYNrQmPVtGT3zufiqWQK3yemd96eZ37O/QvdhzDrdAznmL97ptojvuBcbzesezn0TkgmIawgm0x21djeUY95wRI+Mx44lex9ASr3X9F4k3dXQeup+9AaLtWe0B2wnY6TsfJqNHuP/zrPjfXy3fi1eU/cI5yzuxO/McAlMaNgcTOCIXRWt4Er9wxG5htIOXRo9opvwbMOf4TJGPdgfpKb6voRX2zQEJYPibeMJXZhyODOj3o4HzE8pYwLgbQOrgI7uYJLCoo46Q1VPGb7U5xjCmb6tY8Q+6xRmpYmEugqjk6v/0/yzaXBAWbTJnISpEJUFsBqm8Np2MhcbCXGvTR51CMgPzF/Sh6OS9PXZSDzcu19tTrPBaz+D22nUZOQAF6cG4EXnNM+MPZPO2otsgH0eCjcWGNINT8ePwCjxTBWTHj7P4fgMfYmtpg/tvTKvk5kuIk9W02OzVlVfNm3GPec/LdvUYwFQ1vARcz/LYmuzTiH7gYXopAiSJvBj0NHaMPet3tpxHMP6D7uq/vo2GG6tNtKfsCMrg4dDkd+qJYHyGqCMroVMewz1hIotPWDJN1YkwqGA2YThs67gGt/btReVd+b4YA3SsPCCZicIIa+7Rel7zp5XHWFtSj9+PEeofC/5jZqyv0Mb9Z5qXGzZa4G5CbIBjGXE4aOqpHBVSQozEkHuq6xznYNuzd1pWfq7jq0JbRkVk2RIyCVlIQOrF6mjRBQWEzl9eTf57h5b9mV/RcJWUncuf/YMxdKpBVzK9ri11XMziuyeB4S0F0U7EKsgULklnI2R5+yJ7WlMiYl1qRL411aEpVIUnN5X/HB3NT+kyxPKa9/RTPcdnFzlI/qvOtYcp9EwMiTAJDH1fk7tRpk2a/keH4dj6fRM9Z1TluNoVB8xh9t3E3vCJsQHAHrOJvygogeV53re+Ysk70WEasGgSPeWDiDcC+01ydqefkTLP+JRPtDfMTb8pkI6FvJO35NXlhFh95uXibY86urC4VLBtwrVGiGo+y/5JJ+ENcgLuRksXBSzEKupISxeYTa5itEUtVhtHHfWPPSrrB+OczQKNB/WxqQhsC9o3pRIae9b2LTscx0UL5Fg/vS6Zd8jksmRRmzoM2yHv5FkWDVRj46feeT4PW2wHuq7uQolsnitwm+fRsuS11vBkV2+GZv6679MIwR1NZd8znj39tasB/gqoFd0E41PNz47SbPAUtVqsZ4bcxy0OCnbmqT3glA6ueiHMO6nqOMnefSIHUJ/tRItku7RlyexkpBhgI8fF+n5PmRbKQ6FDw8ztWAC2aFQ+eXYv8rNxRH7QkiGgR6vwANTqTa1pknIpDAuNhN1YV21tdSMF2Lx3J11xWBoewmkXk6Jbhnv/NKt+SszWRFlDVVGvtIOktPMsDLpQfFiUBEYe/6ezL64wuc/d/TsNKYu10Gf+qxuVNJ9GqAw/M8uolq/v1X/Rj6YxxdM/elD6TqaPpVV1sgRmbdU91aTRS/zMtux/eV/4ne91GBDKK0Xptnybq27VT33UoC2LFguut1W6wBxM3R+F2hcFk+ZhgeD0tteLwy89408XigRi6iWgrZvHHQp88axnHPBsV4S8pFAaN0nGWlGvgbk6ffHsJqnWksvvxwkBIZv618qoTalE8MFwnc2N1TrqYQXW77yT8uCav+Rw/jr/NowtOhNqG/gZbdAtELnUosM/rQwtQSaoG4UXAkOBn1ycvb39/QiHDfc+rXY5i5JttTUXX7l48m6hvYNMxMldzBuMpOG/2HQ7i3WqLBMIelC+xrSV4QvXwrTCDP7S/9aYBF2Fh4V6sFGlQLiLP/PDQMa9NJ/KZEmWEI6O8oSvsv50XcxvVWTbAhM+PKFz3J87sjQWqXxcx8M2RJf62bapWOgPRv+lWpMArQnTCVspfaH7DF1sdtrbTO5KE6hmTrt918E9CgG4FN7MyM8vldsNUaHROc5BYWVKYr/rbqYsPFcKlXlnMTUGgOAqCjFpDwisLKMxPFQLYIfOl3VTa0UT/ooqkxMJJd1LyNFLO,iv:Q8Ywu7OaQAXhQs7sBZ+Yd0DT2DX3GjtrAU3Kps+Z/Y4=,tag:rq7cud4hlZz87VTir+c4aA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1n9e7ymdmcprdynwutygfvd6an2h9xcvpneehu9gcsd93vr0mvg5sqndy08", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUDBlRHBvdUxFd2J1NVlP\nWThmYXk1OGt3TWgvMXRFNkxCL3NncVY1TXcwCnhqZDBYbDN6dnRpOEpWZys2b2lz\nY2p3S0lBVTd0dzJKRCtxWXNGLzZXWTQKLS0tIDBEeUZXTE1NTTk5QjhwSHpycVEy\nR2ZTbXBiazg4dyt3b2NiZTkrNmtEY2MKp+8rAC4XWL1hH3REDSDgD1T0nyQleL9+\nKBUW7zbp5ToAJ8NXefWRTTu//LEXrVgvusb7MVtZXrZBgsrStKeXpQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1rs4fcwsjt7v0uja0v4a9aedrakmvl67sk69yjhzdsrusl3a29glsq40m5e", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocDAwc1A1bGUwR3hucDV6\nRkpKYlljQmF6T2cyRWNsb2dDTFF5Ymh3bTJ3CnJZR3N5Y29lcDFhcnBRcmRFQWZm\nb2hBU0VLV0p3ZWRoejloRDV6WUYyMmsKLS0tIC9oeWZsS25jZTY4eWh6WHRqbjdH\nMU5aV1BsdWJabE1IbGlnUUZqdHovM28K78VzfcCE+PtAdz0T0cGDRR8ZfhPI2wQr\nfkFXbTHbYvgLKbehB+ARWBAAktW1QcalJYxoZZMD6c196ZTdjBt8UA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-11-13T20:23:51Z", + "mac": "ENC[AES256_GCM,data:IhUbutht4dZrHr8Yzvo8t9c7Py9dveGmaaZpDKWj4CY8dMJs+6geqeslt1MJp81kZD8cYsehLqhXOuGGSzhe7XGXWygv6GT8d/ALA0Nbv5qqbesTG6pAnytRa6a2P9URRs7dHPvjodXoZNNl3CMrMDm9MIxfe5pRnKvMsAFJFq4=,iv:OPoMB2eOhWpMY8HJ++p8SOcxKqkAQrQF66h1356O81Y=,tag:N+Zvbp0IP4e8iPpYzPzVdQ==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.1" + } +} \ No newline at end of file diff --git a/host/share/wifi.nix b/host/share/wifi.nix index 4c909c4..735f466 100644 --- a/host/share/wifi.nix +++ b/host/share/wifi.nix @@ -1,5 +1,19 @@ -{ ... }: +{ config, ... }: { + sops.secrets.easyroam = { + sopsFile = ../secrets/easyroam; + format = "binary"; + }; + + services.easyroam = { + enable = true; + pkcsFile = config.sops.secrets.easyroam.path; + network = { + configure = true; + commonName = "3252125432889295763@easyroam-pca.uni-duesseldorf.de"; + }; + }; + xfaf.services.wifi = { enable = true; secretsFile = ../secrets/wifi; @@ -17,19 +31,6 @@ FelixPhone = "FELIXPHONE"; "bUm gast" = "BUMGAST"; WIFIonICE = { }; - eduroam = { - auth = '' - key_mgmt=WPA-EAP - pairwise=CCMP - eap=TTLS - password=ext:EDUROAM_PASSWORD - altsubject_match="DNS:radius.hhu.de" - phase2="auth=PAP" - identity="bej86nug@hhu.de" - anonymous_identity="eduroam@hhu.de" - group=CCMP TKIP - ''; - }; }; }; } diff --git a/mod/nixos/default.nix b/mod/nixos/default.nix index 6e09fa3..30b0a24 100644 --- a/mod/nixos/default.nix +++ b/mod/nixos/default.nix @@ -11,5 +11,6 @@ inputs.sops.nixosModules.sops inputs.stylix.nixosModules.stylix inputs.disko.nixosModules.disko + inputs.nix-easyroam.nixosModules.nix-easyroam ]; }