diff --git a/common/secrets.nix b/common/secrets.nix index 9e7cc39..1716cb1 100644 --- a/common/secrets.nix +++ b/common/secrets.nix @@ -1,6 +1,5 @@ { age.secrets = { - home-wifi-ssid.file = ../secrets/home-wifi-ssid.age; - home-wifi-password.file = ../secrets/home-wifi-password.age; + network-manager.file = ../secrets/network-manager.age; }; } diff --git a/hosts/harmonica/configuration.nix b/hosts/harmonica/configuration.nix index e546587..6e7c07a 100644 --- a/hosts/harmonica/configuration.nix +++ b/hosts/harmonica/configuration.nix @@ -1,4 +1,5 @@ { + config, lib, modulesPath, pkgs, @@ -84,20 +85,71 @@ swraid.enable = lib.mkForce false; }; - networking = { - interfaces."wlan0".useDHCP = true; - wireless = { - enable = true; - interfaces = ["wlan0"]; - # ! Change the following to connect to your own network - networks = { - "${secrets.home-wifi-ssid.age}" = { - psk = "${secrets.home-wifi-password.age}"; + # networking = { + # interfaces."wlan0".useDHCP = true; + # wireless = { + # enable = true; + # interfaces = ["wlan0"]; + # # ! Change the following to connect to your own network + # networks = { + # "${config.age.secrets.home-wifi-ssid.}" = { + # psk = "${secrets.home-wifi-password.age}"; + # }; + # }; + # }; + # }; + networking.networkmanager.ensureProfiles = { + environmentFiles = [ + config.age.secrets.nm-secrets.path + ]; + + profiles = { + House_Bayram = { + connection = { + id = "House_Bayram"; + type = "wifi"; + }; + ipv4 = { + method = "auto"; + }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "auto"; + }; + wifi = { + mode = "infrastructure"; + ssid = "House_Bayram"; + }; + wifi-security = { + key-mgmt = "wpa-psk"; + psk = "$HOME_WIFI"; + }; + }; + it_hurts_when_IP = { + connection = { + id = "it_hurts_when_IP"; + type = "ethernet"; + }; + ipv4 = { + method = "auto"; + }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "auto"; + }; + wifi = { + mode = "infrastructure"; + ssid = "it_hurts_when_IP"; + }; + wifi-security = { + key-mgmt = "wpa-psk"; + psk = "$HOME_WIFI"; }; }; }; }; + # Enable OpenSSH out of the box. services.sshd.enable = true; diff --git a/secrets/home-wifi-password.age b/secrets/home-wifi-password.age deleted file mode 100644 index 081eeba..0000000 --- a/secrets/home-wifi-password.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 kHqLyg woA6xpvXAda0BzF/R+2/CnZk7lUzxMQn5b9dVZk0UDk -MmzfOkibx20SnEVA1tlWFwVRt2TPy8+vE4SBr/6HEvc --> ssh-ed25519 a9zBzw zZ1/d0mP0cdz6WDcXMNwBOPtqavuIgxkofVCReISNH8 -wjNiKNYRzIeUdoznqftVWF8cO1sj7xIqS8MEqpNtqNU ---- /iuuEaPzfH39OiUpNLiXLIcCeTYLV6KPAByem7oZ7EU -{? Q c"+6TC6RDon K" F \ No newline at end of file diff --git a/secrets/home-wifi-ssid.age b/secrets/home-wifi-ssid.age deleted file mode 100644 index 717e107..0000000 --- a/secrets/home-wifi-ssid.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 kHqLyg PvHw7QO60UMsgCzcUeQrB9AtgZqXXujpJBBST66FqDY -PxwgZ4nF+fLPvQz+TcL0G02RET1AMCZ9sgFeWebXiOk --> ssh-ed25519 a9zBzw gNppgNrAFO0wb/iNOfkGFhagqRe32Mh9AGOYmkslJlU -ARjjZQxfnH2r4feytbVSVEfnWf2AKa8psIfl+HtN2oM ---- GtCIl90bG/BhaBAHkYE6wml2KPOm4/IN/X5zQxcZRXo -"(IB,wds`'NNݏaF _쩜 \ No newline at end of file diff --git a/secrets/network-manager.age b/secrets/network-manager.age new file mode 100644 index 0000000..ca8c3f3 --- /dev/null +++ b/secrets/network-manager.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 kHqLyg zm3tVSNUKnNIT/vSGBf8kG2E86swC+6AkU//FkJxayc +v0VwkFG0ILrcUMg5d32a/PTS1fcGFtKM/ykF0SRdtv8 +-> ssh-ed25519 a9zBzw REq2BogyBTL9BTsiyMf6+Qr3nl7YeOMAi8xcljzVGDI +OdVlIN6wD7oHEBiej+DF3mY7n0PLVGjFdazCuPIbQX0 +--- b3RQD0vvnCCDVLRRHPdY73sKeogzp+r9X0kn65H7clQ +wCC3殢$F؈=8Ye-lBǧ +ne2{$8KocbM0HWrwi#~ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 5c1416f..edf4293 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -7,9 +7,5 @@ let tartarus ]; in { - ymir = ymir; - tartarus = tartarus; - - "home-wifi-ssid.age".publicKeys = machines; - "home-wifi-password.age".publicKeys = machines; + "network-manager.age".publicKeys = machines; }