From 9da942ba47d34210e86a1a709e802eda5c3b95db Mon Sep 17 00:00:00 2001 From: Tim Keller Date: Sat, 30 Aug 2025 12:31:28 -0500 Subject: refactor users activation. refactor home manager config to match nixos conf and move tjkeller archetypes to users/timmy. update many of the exising home manager configs to be nicer and better organized. profile archetypes now include homeconfigs which can be enabled per user, and are setup using a new mkProfileArchetype function. --- users/timmy/wifi.nix | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 users/timmy/wifi.nix (limited to 'users/timmy/wifi.nix') diff --git a/users/timmy/wifi.nix b/users/timmy/wifi.nix new file mode 100644 index 0000000..9afcbc7 --- /dev/null +++ b/users/timmy/wifi.nix @@ -0,0 +1,38 @@ +{ lib, config, ... }: let + cfg = config._users.timmy.wifi; +in { + options._users.timmy.wifi = { + enable = lib.mkEnableOption "enables wifi"; + }; + + config = lib.mkIf cfg.enable { + networking.wireless = { + enable = true; # Enables wireless support via wpa_supplicant. + userControlled.enable = true; + allowAuxiliaryImperativeNetworks = true; # Networks defined in aux imperitive networks (/etc/wpa_supplicant.conf) + }; + + # Load wpa_supplicant.conf secret config + sops.secrets.wpa_supplicant-conf = { + sopsFile = ./resources/secrets/wpa_supplicant-conf.yaml; + }; + + # Link /etc/wpa_supplicant.conf -> secret config + environment.etc."wpa_supplicant.conf" = { + source = config.sops.secrets.wpa_supplicant-conf.path; + }; + + # This service is a workaround to ensure that secrets are available on + # reboot when the secret keys are on a separate subvolume + systemd.services.npcnix-force-rebuild-sops-hack = { + wantedBy = [ "multi-user.target" ]; + before = [ "wpa_supplicant.service" ]; + serviceConfig = { + ExecStart = "/run/current-system/activate"; + Type = "oneshot"; + Restart = "on-failure"; # because oneshot + RestartSec = "10s"; + }; + }; + }; +} -- cgit v1.2.3