primrose/.files
1
0
Fork 0
mirror of https://codeberg.org/leana8959/.files.git synced 2025-12-06 14:49:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
.files/nix/configurations/iron/nixos/connectivity.nix
Léana 江 9aafa0207c
iron: init
2025-10-23 11:37:44 +08:00

70 lines
2 KiB
Nix
Raw Blame History

{
config,
lib,
...
}: {
users.users.root.openssh.authorizedKeys.keys = let
# TODO: put iron keys in identities
ids = import ../../../identities.nix;
in
builtins.concatMap builtins.attrValues (builtins.attrValues ids);
networking = {
networkmanager.enable = lib.mkForce false;
firewall.allowedTCPPorts = [
8080
# For 'localsend'
# https://github.com/localsend/localsend?tab=readme-ov-file#setup
53317
];
# To enable roaming https://wiki.archlinux.org/title/Wpa_supplicant#Roaming
wireless = {
enable = true;
userControlled.enable = true;
secretsFile = config.age.secrets.wpa_password.path;
scanOnLowSignal = false;
networks = let
# wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`.
escapePwdKey = lib.replaceStrings ["="] ["_"];
fromList = ns: let
go = networkArgs @ {
ssid,
# Custom fields wrapping nixpkgs module options
hasPassword ? false,
scanOnLowSignal ? false,
randomizeMac ? false,
...
}: {
${ssid} = lib.mkMerge [
(builtins.removeAttrs networkArgs ["ssid" "hasPassword" "scanOnLowSignal" "randomizeMac"])
(lib.optionalAttrs hasPassword {
pskRaw = "ext:${escapePwdKey ssid}";
})
(lib.optionalAttrs scanOnLowSignal {
extraConfig = ''
bgscan="simple:30:-70:3600"
'';
})
(lib.optionalAttrs randomizeMac {
extraConfig = ''
mac_addr=1
'';
})
];
};
in
lib.mkMerge (map go ns);
in
# TODO: move this upward like identities
fromList (import ./connectivity/networks.nix);
};
};
services.mullvad-vpn.enable = true;
hardware.bluetooth.enable = true;
}
Reference in a new issue View git blame Copy permalink