configs/ccc.nix

{ pkgs, ... }:
# https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34
let
  certificate = pkgs.stdenv.mkDerivation rec {
    name = "dst-root-ca-x3.pem";
    src = builtins.toFile "${name}.awk" ''
      {
        if(a > 0) { print }
      }

      /-----END CERTIFICATE-----/ { a = 0 }

      /DST Root CA X3/ { a = 1 }
    '';
    nativeBuildInputs = with pkgs; [ cacert gawk ];
    phases = "installPhase";
    installPhase = ''
      ${pkgs.gawk}/bin/awk -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out
    '';
  };
in
{
  networking.wireless.networks."36C3" = {
    auth = ''
      key_mgmt=WPA-EAP
      eap=TTLS
      identity="kmein"
      password=" "
      ca_cert="${certificate}"
      altsubject_match="DNS:radius.c3noc.net"
      phase2="auth=PAP"
    '';
  };
}
feat(networking): add 36C3 2019-12-27 11:41:11 +01:00			`{ pkgs, ... }:`
			`# https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34`
			`let`
			`certificate = pkgs.stdenv.mkDerivation rec {`
			`name = "dst-root-ca-x3.pem";`
			`src = builtins.toFile "${name}.awk" ''`
			`{`
			`if(a > 0) { print }`
			`}`

			`/-----END CERTIFICATE-----/ { a = 0 }`

			`/DST Root CA X3/ { a = 1 }`
			`'';`
			`nativeBuildInputs = with pkgs; [ cacert gawk ];`
			`phases = "installPhase";`
			`installPhase = ''`
			`${pkgs.gawk}/bin/awk -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out`
			`'';`
			`};`
			`in`
			`{`
			`networking.wireless.networks."36C3" = {`
			`auth = ''`
			`key_mgmt=WPA-EAP`
			`eap=TTLS`
			`identity="kmein"`
			`password=" "`
			`ca_cert="${certificate}"`
			`altsubject_match="DNS:radius.c3noc.net"`
			`phase2="auth=PAP"`
			`'';`
			`};`
			`}`