feat(wifi): networkmanager for wilde, wpa_supplicant for others

configs/default.nix

@@ -247,7 +247,6 @@ in {
     ./version.nix
     ./vscode.nix
     ./watson.nix
-    ./wifi.nix
     ./zsh.nix
   ];
 }

configs/hu-berlin.nix

@@ -6,23 +6,6 @@ let
     identity = fileContents <secrets/eduroam/identity>;
     password = fileContents <secrets/eduroam/password>;
   };
-  eduroamAuth = ''
-    key_mgmt=WPA-EAP
-    eap=TTLS
-    proto=RSN
-    identity="${eduroam.identity}"
-    anonymous_identity="anonymous@wlan.hu-berlin.de"
-    altsubject_match="DNS:srv1-radius.cms.hu-berlin.de;DNS:srv2-radius.cms.hu-berlin.de"
-    password="${eduroam.password}"
-    ca_cert="${
-      pkgs.fetchurl {
-        url =
-          "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/t-telesec_globalroot_class_2.pem";
-        sha256 = "0if8aqd06sid7a0vw009zpa087wxcgdd2x6z2zs4pis5kvyqj2dk";
-      }
-    }"
-    phase2="auth=PAP"
-  '';
   hu-berlin-cifs-options = [
     "uid=${toString config.users.users.me.uid}"
     "gid=${toString config.users.groups.users.gid}"
@@ -37,11 +20,6 @@ let
     "x-systemd.idle-timeout=1min"
   ];
 in {
-  networking.wireless.networks = {
-    eduroam_5GHz.auth = eduroamAuth;
-    eduroam.auth = eduroamAuth;
-  };
-
   fileSystems."/media/hu-berlin/germpro2" = {
     device = "//hugerm31c.user.hu-berlin.de/germpro2/ling";
     fsType = "cifs";
@@ -58,6 +36,16 @@ in {
     (pkgs.writers.writeDashBin "hu-ip" ''
       ${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3
     '')
+    (pkgs.writers.writePython3Bin "hu-eduroam-install"
+      {
+        libraries = with pkgs.python3Packages; [ distro pyopenssl dbus-python ];
+        flakeIgnore = [ "E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291" ];
+      }
+      (builtins.readFile (builtins.fetchurl {
+        url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py";
+        sha256 = "19x2kvwxx13265b2hj5fjf53g0liw6dw7xf9j9cav67cswmz60kf";
+      }))
+    )
   ];
 
   systemd.services.hu-vpn = {

configs/kleiter.nix

@@ -1,13 +0,0 @@
-{ ... }:
-let ssid = "Kleiter Gast";
-in {
-  networking.wireless.networks.${ssid}.psk = "Kleiter-Gast";
-
-  # fix dns
-  systemd.network.networks.kleiter = {
-    dns = [ "8.8.8.8" "8.8.4.4" ];
-    networkConfig.DHCP = "yes";
-    matchConfig.Name = "wlp3s0";
-    matchConfig.SSID = ssid;
-  };
-}

configs/networkmanager.nix

@@ -0,0 +1,30 @@
+{ pkgs, ... }:
+let
+  autowifi = pkgs.writers.writePython3Bin "autowifi" { flakeIgnore = [ "E501" ]; } <stockholm/lass/5pkgs/autowifi/autowifi.py>;
+in
+{
+  networking.networkmanager = {
+    enable = true;
+    wifi.macAddress = "random";
+    ethernet.macAddress = "random";
+    unmanaged = [ "docker*" ];
+  };
+
+  users.users.me.extraGroups = [ "networkmanager" ];
+
+  systemd.services.autowifi = {
+    description = "Automatic wifi connector";
+    wantedBy = [ "multi-user.target" ];
+    path = [ pkgs.networkmanager ];
+    serviceConfig = {
+      Type = "simple";
+      Restart = "always";
+      RestartSec = "10s";
+      ExecStart = "${autowifi}/bin/autowifi";
+    };
+  };
+
+  networking.networkmanager.dispatcherScripts = [
+    { source = "${(pkgs.callPackage <stockholm/makefu/5pkgs/prison-break> {})}/bin/prison-break"; }
+  ];
+}

configs/wifi-at-db.nix

@@ -1,20 +0,0 @@
-{ lib, ... }:
-let
-  ssids = [ "WIFIonICE" "WIFI@DB" ];
-in
-{
-  # ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c
-  virtualisation.docker.extraOptions = lib.concatStringsSep " " [
-    "--bip=172.39.1.5/24"
-    "--fixed-cidr=172.39.1.0/25"
-  ];
-
-  networking.wireless.networks = lib.listToAttrs (map (ssid: {name = ssid; value = {};}) ssids);
-
-  # fix dns
-  systemd.network.networks.wifi-at-db = {
-    networkConfig.DHCP = "yes";
-    matchConfig.Name = "wlp3s0";
-    matchConfig.SSID = lib.concatStringsSep " " ssids;
-  };
-}

configs/wifi.nix

@@ -1,55 +0,0 @@
-{ pkgs, ... }:
-{
-  imports = [ ./wifi-at-db.nix ];
-
-  networking.wireless = {
-    enable = true;
-    userControlled.enable = true;
-    networks = {
-      "Aether" = {
-        pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
-        priority = 10;
-      };
-      "Asoziales Netzwerk" = {
-        pskRaw = "8e234041ec5f0cd1b6a14e9adeee9840ed51b2f18856a52137485523e46b0cb6";
-        priority = 10;
-      };
-      "Libertarian WiFi" = {
-        pskRaw = "e9beaae6ffa55d10e80b8a2e7d997411d676a3cc6f1f29d0b080391f04555050";
-        priority = 9;
-      };
-      "EasyBox-927376".pskRaw = "dbd490ab69b39bd67cfa06daf70fc3ef3ee90f482972a668ed758f90f5577c22";
-      "FlixBus Wi-Fi" = { };
-      "FlixBus" = { };
-      "FlixTrain" = { };
-      "BVG Wi-Fi" = { };
-      "wannseeforum" = { }; # login via curl -XPOST http://WannseeLancom.intern.:80/authen/login/ -d userid=$USER_ID -d password=$PASSWORD
-      "Hotel_Krone" = { }; # login: http://192.168.10.1/
-      "Ni/Schukajlow".pskRaw = "ffc47f6829da59c48aea878a32252223303f5c47a3859edc90971ffc63346781";
-      "WLAN-914742".psk = "67647139648174545446";
-      "KDG-CEAA4".psk = "PBkBSmejcvM4";
-      "KDG-4ECF7".psk = "Gdbwh7afw2Bx";
-      "IAmATeapot".psk = "PaymentRequired402";
-      "WLAN-XVMU6T".pskRaw = "46ea807283255a3d7029233bd79c18837df582666c007c86a8d591f65fae17cc";
-      "c-base-public" = { };
-      "discord".psk = "baraustrinken";
-      "GoOnline".psk = "airbnbguest";
-      "security-by-obscurity".psk = "44629828256481964386";
-      "Mayflower".psk = "Fr31EsLan";
-      "Born11".psk = "56LMVLbw840EGNWk0RYRqvgicx3FSO";
-      "FactoryCommunityGuest".psk = "Factory4ever";
-      "krebs".psk = "aidsballs";
-      "b-base".pskRaw = "44040369a63d5bce4576637e8d34aeb3ed3d178011386decb99da473418e9861";
-      "c-base".pskRaw = "1355ccb287407bcd0caa4a7a399367c28b1e11bf5da34dd100d4b86ac4cafe46";
-      "o2-WLAN66".pskRaw = "9fc24da5ee0c7cf73321f5efa805370c246c4121413ea4f2373c0b7e41ec65e4";
-      "Vodafone-8012".pskRaw = "45a998e3e07f83ae0b4f573535fb3ccfd808b364a22f349878ced889a6fffe2c";
-      "yinyin".pskRaw = "ee85005d339df61e1e1a8484b96318513e15c46f222c3c06e8959fbc256569e7";
-      "Light Hope".psk = "FriendsofMara63069!";
-      "WG-Jung".psk = "BerlinMadridParisTokyo";
-      "FRITZ!Box 7590 NT".psk = "90699935547611192380";
-      "AA".psk = "Hallo1234";
-    };
-  };
-
-  environment.systemPackages = [ pkgs.wpa_supplicant_gui ];
-}

configs/wpa_supplicant.nix

@@ -0,0 +1,6 @@
+{
+  networking.wireless = {
+    enable = true;
+    networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
+  };
+}

systems/manakish/configuration.nix

@@ -8,6 +8,7 @@
     ./hardware-configuration.nix
     <niveum/configs/default.nix>
     <niveum/configs/battery.nix>
+    <niveum/configs/wpa_supplicant.nix>
     {
       programs.steam.enable = true;
       nixpkgs.config.steam.java = true;

systems/toum/configuration.nix

@@ -10,10 +10,10 @@ in {
     <niveum/configs/sshd.nix>
     <niveum/configs/moodle-dl/meinhark.nix>
     <niveum/configs/save-space.nix>
-    <niveum/configs/wifi.nix>
     <niveum/configs/tmux.nix>
     <niveum/configs/version.nix>
     <niveum/configs/traadfri.nix>
+    <niveum/configs/wpa_supplicant.nix>
     <niveum/modules/retiolum.nix>
   ];
 

systems/wilde/configuration.nix

@@ -6,6 +6,7 @@ in
   imports = [
     <niveum/configs/default.nix>
     <niveum/configs/battery.nix>
+    <niveum/configs/networkmanager.nix>
     ./hardware-configuration.nix
     # <stockholm/krebs/2configs/hw/x220.nix>
   ];

systems/zaatar/configuration.nix

@@ -3,7 +3,7 @@
   imports = [
     ./hardware-configuration.nix
     <home-manager/nixos>
-    <niveum/configs/wifi.nix>
+    <niveum/configs/wpa_supplicant.nix>
     <niveum/configs/keyboard.nix>
     <niveum/modules/retiolum.nix>
     <niveum/configs/spacetime.nix>