primrose/.files
1
0
Fork 0
mirror of https://codeberg.org/leana8959/.files.git synced 2025-12-06 14:49:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

vanadium/connectivity: refactor network

Browse source 
Another week another useless abstraction
This commit is contained in:
Primrose 2025-10-22 21:12:28 +08:00
parent 6c6d4ec13a
commit 3ac7e3b73b
Signed by: primrose
GPG key ID: 4E887A4CA9714ADA
1 changed files with 120 additions and 84 deletions
Download patch file Download diff file Expand all files Collapse all files

204
nix/configurations/vanadium/nixos/connectivity.nix
View file

@ -38,98 +38,134 @@
secretsFile = config.age.secrets.wpa_password.path; secretsFile = config.age.secrets.wpa_password.path;
scanOnLowSignal = false; scanOnLowSignal = false;
networks = let networks = let
properties = lib.flip lib.pipe; # wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`.
networks = lib.flip lib.genAttrs (_: {}); escapePwdKey = lib.replaceStrings ["="] ["_"];
# The higher the more preferred privatePriority = 10;
setPrio = i: lib.mapAttrs (_: conf: conf // {priority = i;}); limitedPriority = -10;
private = setPrio 10;
limited = setPrio (-10);
extraConfig = value: conf: conf // {extraConfig = conf.extraConfig or "" + value;}; fromList = ns: let
randomizeMac = lib.mapAttrs (_: extraConfig "mac_addr=1\n"); go = networkArgs @ {
roaming = lib.mapAttrs (_: extraConfig "bgscan=\"simple:30:-70:3600\"\n"); ssid,
# Custom fields wrapping nixpkgs module options
hasPsk = let hasPassword ? false,
# wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`. scanOnLowSignal ? false,
escapePwdKey = lib.replaceStrings ["="] ["_"]; randomizeMac ? false,
in ...
lib.mapAttrs (name: conf: conf // {pskRaw = "ext:${escapePwdKey conf.ssid or name}";}); }: {
in ${ssid} = lib.mkMerge [
lib.mkMerge [ (builtins.removeAttrs networkArgs ["ssid" "hasPassword" "scanOnLowSignal" "randomizeMac"])
(properties [private hasPsk] (lib.optionalAttrs hasPassword {
(networks [ pskRaw = "ext:${escapePwdKey ssid}";
"~" })
"Peis Wifi" (lib.optionalAttrs scanOnLowSignal {
"girlypop-net" extraConfig = ''
])) bgscan="simple:30:-70:3600"
(properties [private roaming hasPsk]
(networks [
"annapurna"
"5526-1" # TODO: prefer dead dead dodo later
]))
#
# School
#
(properties [private roaming]
{
eduroam = {
authProtocols = ["WPA-EAP"];
auth = ''
pairwise=CCMP
group=CCMP TKIP
eap=PEAP
ca_cert="${./certs/universite_de_rennes.pem}"
identity="ychiang@etudiant.univ-rennes.fr"
altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr"
phase2="auth=MSCHAPV2"
password=ext:EDUROAM
anonymous_identity="anonymous@univ-rennes.fr"
''; '';
}; })
}) (lib.optionalAttrs randomizeMac {
extraConfig = ''
mac_addr=1
'';
})
];
};
in
lib.mkMerge (map go ns);
in
fromList [
{
ssid = "~";
priority = privatePriority;
hasPassword = true;
}
{
ssid = "Peis Wifi";
priority = privatePriority;
hasPassword = true;
}
{
ssid = "girlypop-net";
priority = privatePriority;
hasPassword = true;
}
# {
# Cafés ssid = "annapurna";
# priority = privatePriority;
(properties [private randomizeMac hasPsk] hasPassword = true;
(networks [ scanOnLowSignal = true;
"A-WAY" }
"CAT.jpgcafe" {
"LOUISA" # 區公所 ssid = "5526-1"; # TODO: set bssid preference ?
"LouisaCoffee" # 七張 priority = privatePriority;
"MetroTaipei x Louisa" # 大安 hasPassword = true;
])) scanOnLowSignal = true;
}
# {
# Open networks ssid = "eduroam";
# priority = privatePriority;
# scanOnLowSignal = true;
# Use this link to do portal login
# http://detectportal.firefox.com/canonical.html
(properties [randomizeMac]
(networks [
# Transport
"_SNCF_WIFI_INOUI"
"_WIFI_LYRIA"
"EurostarTrainsWiFi"
"SBB-FREE"
"AOT Airport Free Wi-Fi by NT"
# Library authProtocols = ["WPA-EAP"];
"NewTaipei" auth = ''
pairwise=CCMP
group=CCMP TKIP
eap=PEAP
ca_cert="${./certs/universite_de_rennes.pem}"
identity="ychiang@etudiant.univ-rennes.fr"
altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr"
phase2="auth=MSCHAPV2"
password=ext:EDUROAM
anonymous_identity="anonymous@univ-rennes.fr"
'';
}
"Fami-WiFi" {
])) ssid = "A-WAY";
priority = privatePriority;
hasPassword = true;
randomizeMac = true;
}
{
ssid = "CAT.jpgcafe";
priority = privatePriority;
hasPassword = true;
randomizeMac = true;
}
{
ssid = "LOUISA"; # 區公所
priority = privatePriority;
hasPassword = true;
randomizeMac = true;
}
{
ssid = "LouisaCoffee"; # 七張
priority = privatePriority;
hasPassword = true;
randomizeMac = true;
}
{
ssid = "MetroTaipei x Louisa"; # 大安
priority = privatePriority;
hasPassword = true;
randomizeMac = true;
}
# {ssid = "_SNCF_WIFI_INOUI";}
# Phones {ssid = "_WIFI_LYRIA";}
# {ssid = "EurostarTrainsWiFi";}
(properties [limited hasPsk] {ssid = "SBB-FREE";}
(networks [ {ssid = "AOT Airport Free Wi-Fi by NT";}
"iPhone de Léana " {ssid = "NewTaipei";}
])) {ssid = "Fami-WiFi";}
{
ssid = "iPhone de Léana ";
priority = limitedPriority;
hasPassword = true;
}
]; ];
}; };
}; };