vanadium: refactor network

Another week yet another useless refactor. I think it's remarkable that I managed to write nix like lisp. Parentheses yum yum.
2025-12-06 14:49:14 +00:00 · 2025-09-21 12:04:19 +08:00 · 2025-09-21 12:04:19 +08:00 · 6071c57007
commit 6071c57007
parent 525c5b8409
1 changed files with 71 additions and 58 deletions
--- a/nix/configurations/vanadium/nixos/connectivity.nix
+++ b/nix/configurations/vanadium/nixos/connectivity.nix
@ -38,76 +38,89 @@
      secretsFile = config.age.secrets.wpa_password.path;
      scanOnLowSignal = false;
      networks = let
        properties = lib.flip lib.pipe;
        networks = lib.flip lib.genAttrs (_: {});
        # The higher the more preferred
-        prio = i: lib.mapAttrs (_: conf: conf // {priority = i;});
+        setPrio = i: lib.mapAttrs (_: conf: conf // {priority = i;});
        private = setPrio 10;
        limited = setPrio (-10);
-        privatePrio = prio 10;
+        extraConfig = value: conf: conf // {extraConfig = conf.extraConfig or "" + value;};
-        limitedDataPrio = prio (-10);
+        randomizeMac = lib.mapAttrs (_: extraConfig "mac_addr=1\n");
        roaming = lib.mapAttrs (_: extraConfig "bgscan=\"simple:30:-70:3600\"\n");
-        openNetworks = lib.flip lib.genAttrs (_: {});
+        hasPsk = let
        pskNetworks = let
          # wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`.
          escapePwdKey = lib.replaceStrings ["="] ["_"];
        in
-          lib.flip lib.genAttrs (name: {pskRaw = "ext:${escapePwdKey name}";});
+          lib.mapAttrs (name: conf: conf // {pskRaw = "ext:${escapePwdKey conf.ssid or name}";});
      in
        lib.mkMerge [
-          (privatePrio (pskNetworks [
+          (properties [private hasPsk]
-            "HiddenParadize@Earth2077"
+            (networks [
-            "Pei’s Wifi"
+              "HiddenParadize@Earth2077"
-            "girlypop-net"
+              "Pei’s Wifi"
-            "annapurna"
+              "girlypop-net"
-            "5526-1"
+            ]))
          (properties [private roaming hasPsk]
            (networks [
              "annapurna"
              "5526-1"
            ]))
-            "A-WAY"
+          #
-            "CAT.jpgcafe"
+          # School
-            # TODO: Figure out how to configure networks of "same password, different ssid".
+          #
-            #
+          (properties [private roaming]
-            # In the following documentation, bssid can be used to match
+            {
-            # Besides, is it possible to have duplicated SSID?
+              eduroam = {
-            # https://man.freebsd.org/cgi/man.cgi?wpa_supplicant.conf%285%29
+                authProtocols = ["WPA-EAP"];
-            "LOUISA" # 區公所
+                auth = ''
-            "LouisaCoffee" # 七張
+                  pairwise=CCMP
-            "MetroTaipei x Louisa" # 大安
+                  group=CCMP TKIP
-          ]))
+                  eap=PEAP
                  ca_cert="${./certs/universite_de_rennes.pem}"
                  identity="ychiang@etudiant.univ-rennes.fr"
                  altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr"
                  phase2="auth=MSCHAPV2"
                  password=ext:EDUROAM
                  anonymous_identity="anonymous@univ-rennes.fr"
                '';
              };
            })
-          (limitedDataPrio (pskNetworks [
+          #
-            "iPhone de Léana 江"
+          # Cafés
-          ]))
+          #
          (properties [private randomizeMac hasPsk]
            (networks [
              "A-WAY"
              "CAT.jpgcafe"
              "LOUISA" # 區公所
              "LouisaCoffee" # 七張
              "MetroTaipei x Louisa" # 大安
            ]))
-          (openNetworks [
+          #
-            "_SNCF_WIFI_INOUI"
+          # Transport
-            "_WIFI_LYRIA"
+          #
-            "EurostarTrainsWiFi"
+          (properties [randomizeMac]
-            "SBB-FREE"
+            (networks [
-            "AOT Airport Free Wi-Fi by NT"
+              "_SNCF_WIFI_INOUI"
-          ])
+              "_WIFI_LYRIA"
              "EurostarTrainsWiFi"
              "SBB-FREE"
              "AOT Airport Free Wi-Fi by NT"
            ]))
-          # TODO: Delete this when my account is deactivated
+          #
-          {
+          # Phones
-            eduroam = {
+          #
-              authProtocols = ["WPA-EAP"];
+          (properties [limited hasPsk]
-              auth = ''
+            (networks [
-                pairwise=CCMP
+              "iPhone de Léana 江"
-                group=CCMP TKIP
+            ]))
                eap=PEAP
                ca_cert="${./certs/universite_de_rennes.pem}"
                identity="ychiang@etudiant.univ-rennes.fr"
                altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr"
                phase2="auth=MSCHAPV2"
                password=ext:EDUROAM
                anonymous_identity="anonymous@univ-rennes.fr"
              '';
            };
          }
          # Other per-network configuration
          # bgscan has performance penalty so we don't enable it globally
          {
            "5526-1".extraConfig = ''
              bgscan="simple:30:-70:3600"
            '';
          }
        ];
    };
  };