blob: 96fe5c889092bd1de1b69c0b591c294991dddbbf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
{ lib, config, ... }: {
options = {
wifi.enable = lib.mkEnableOption "enables wifi";
};
config = lib.mkIf config.wifi.enable {
networking.wireless = {
enable = true; # Enables wireless support via wpa_supplicant.
userControlled.enable = true;
allowAuxiliaryImperativeNetworks = true; # Networks defined in aux imperitive networks (/etc/wpa_supplicant.conf)
};
# Link /etc/wpa_supplicant.conf -> secret config
environment.etc."wpa_supplicant.conf" = {
source = config.sops.secrets.wpa_supplicant-conf.path;
};
# This service is a workaround to ensure that secrets are available on
# reboot when the secret keys are on a separate subvolume
systemd.services.npcnix-force-rebuild-sops-hack = {
wantedBy = [ "multi-user.target" ];
before = [ "wpa_supplicant.service" ];
serviceConfig = {
ExecStart = "/run/current-system/activate";
Type = "oneshot";
Restart = "on-failure"; # because oneshot
RestartSec = "10s";
};
};
};
}
|
