zaphyra's git: nixfiles

config/nixos/modules/presets: add `cccdaWifi`

diff --git a/config/nixos/modules/presets/cccdaWifi.nix b/config/nixos/modules/presets/cccdaWifi.nix
@@ -0,0 +1,57 @@
+{
+  povSelf,
+  pkgs,
+  lib,
+  config,
+  hostConfig,
+  ...
+}:
+let
+  inherit (lib) types;
+  cfg = lib.getAttrFromPath povSelf config;
+
+in
+{
+
+  options = {
+    enable = {
+      type = types.bool;
+      default = false;
+    };
+    username.type = types.str;
+    envFile.type = types.path;
+  };
+
+  config = lib.mkIf cfg.enable {
+    networking.networkmanager.ensureProfiles = {
+      environmentFiles = [ cfg.envFile ];
+      profiles.ccc-da-wifi = {
+        connection = {
+          id = "darmstadt.ccc.de";
+          type = "wifi";
+          uuid = "945c40f1-a800-4619-8276-1002a718a9f2";
+          autoconnect = "true";
+        };
+        "wifi" = {
+          ssid = "darmstadt.ccc.de";
+          mode = "infrastructure";
+        };
+        "wifi-security" = {
+          "auth-alg" = "open";
+          "key-mgmt" = "wpa-eap";
+        };
+        "802-1x" = {
+          "eap" = "ttls";
+          "phase2-auth" = "pap";
+          "ca-cert" = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+          "altsubject-matches" = "DNS:radius.cccda.de";
+          "identity" = cfg.username;
+          "password" = "$PASSWORD";
+        };
+        ipv4.method = "auto";
+        ipv6.method = "auto";
+      };
+    };
+  };
+
+}+
\ No newline at end of file

diff --git a/hosts/huntii/default.nix b/hosts/huntii/default.nix
@@ -18,6 +18,8 @@
 
       boot.initrd.systemd.emergencyAccess = true;
 
+      sops.secrets."environments/cccdaWifi" = {};
+
       modules = {
         filesystem = {
           impermanence.system.enable = true;

@@ -50,6 +52,12 @@
 
           graphical.enable = true;
           graphical.type = "gnomeMinimal";
+
+          cccdaWifi = {
+            enable = true;
+            username = "zaphyra";
+            envFile = config.sops.secrets."environments/cccdaWifi".path;
+          };
         };
 
         services = {

diff --git a/secrets/huntii.yaml b/secrets/huntii.yaml
@@ -2,6 +2,8 @@ machine-id: ENC[AES256_GCM,data:+BtEuwGROivPn2ndlSdw2z1yzL6jNoIBoJOOq6qhqOM=,iv:
 acmeTSIGKey: ENC[AES256_GCM,data:fB7CDRbheyldWpoCX47bozeA4baGS/bmhnsy1KqYzPplK92HMer7v6eZx1S3vsNjCd862FK9iLo3AlIdLu3Vew==,iv:/R+FjiAGfZgjebPv6bV3BoqHt/lAiAJjVNsyy2jBtpQ=,tag:W6vcwVfKpnRRIyWKNWHhHA==,type:str]
 syncthingCert: ENC[AES256_GCM,data:f1IFEblA+0kkM11HZCKlRxAKKxRt78W+iYoYiFdE3OBgBanEkbCIXYFAXclZE5WxHkIk2j7Qyf1d4IZN0tyMI+b+AfyjmPHHEO7MxrxHwjg0hzjMRjwO9TOtITnK7Ayz2OTdCcbCgJJK9QF2DqPSK/eQ+aB9bq8RoSedo5+gFJZY1MPW9SeKYYVb0c4cIDimc5WnhvXo/Ma+sXqIKz/YXTAFJig8FJTT7fz8sF/PxGRBln8YWFe4w6VIwsZk0Gerlq9Lt1OyWc7IJw7RxoQpBX6Yi4qqmjeYaVS0R2UsVafnoUzXLt1CMT6EJsW+y+0samy9qTIPnmn/xZEmzIiXKJJGyeMJiVA010S/feXFukcU0xxrfVhCRyCi1/oP15WePjZUOX2ezJLLFPRUbfXQKVJgsD4/EPvfahqXRuz9SOnJeLR0pfMA3hWMDMLY+PuUEaQIDiAF0mt4jZz/ASERaxRegDD0RGEnqu0fcJk1UrpqnUvFXcADW41psdCm5CJB7oG9ydARkEXMmLW5lO60yItWFl1zAVd5QXoLERSBH3SR5xUF9B9ip+9ruPxjlAMK+v84ZiHiXDgOphJYNsODPBtZ5s96LL5/pLAWk0g4AviJNwvIsg7MqvN2rO9cl60g6JVQhQq7jHFBYJOlfa9pLoRDZW+BYWo3Hw+5SfPK/phNtCFxdNC2Uk7dOd4bK0v8q+nWPmqx1FdGmbvVomTHnnDInlNhKwfSSeN4a9Hb4rhZIjB3RKQU/ILSfgWQ9n1+MtQV9moESqZhHP3UgAMoXt7fiI4hVQayUtvPVo3pUlUwNYNyof0axtAciLs/uSlNpI6zbVNTKK/UtoLly4FWdUgX7wySiv7sEKdunCheZ2M7olIqLJk6Bsd1YMwoAR2S5a7nEtip+jELimwViAaJFvQ97RcLePXoe7elQc1TjH+DuRzx54KPbi6bs2xMETDAiosP987928zj0mn423DDuJevQAv5KunEtKcLjxtE7edFaxGjAENhpGN+JrZqtR4xiNvvl2Xtrd6G+sjatrrqG4JCfFx8FeUZ1IA=,iv:8mxfqZ660MYkK9PUPk9xLqtaQzHbtg7IcmwOMRoheVk=,tag:oAwxflAm1NYTqZ7O9WIK8Q==,type:str]
 syncthingKey: ENC[AES256_GCM,data:JSu2c+Pq5TD1JF441OrZYOXX8hggGMtjKNsuOBBywk8DEtZwep3gVUTNpjNlvYc/HicsLTgPLt1ZND622ctmt8JcXdAGfSkj8kq1KqpkC6leyEDU57MODoSnFIPVPfqvPCQMYKYhCmbcceJE8Rw3tT9NEH8N0aPMRuTYDgsGmZ8zEDVzSuAcGlHN2EOttX9ohjXh2ApEmvuBbHENLLqasIlW38RvMCAUrmMI+cqRspWfaOoeb3uH23FGPSQLYwDQ8bKBm78elbKukC3t5sTurLday3koHctuKtUYpA2LQCWarAnI/+z/wZ5OKHqayMtzvoqJN0aERniaxOoSjkrTwLiJeZSqvof8a3lqw4XnXhsStTvK30kuVSxqQkHAFONz,iv:YVvzB6+bcnTCpaJvDa9G5mOwxnsZ0bMRGn7/mhyqZiY=,tag:S+i1RKmy/ASUN4dxOeJBuA==,type:str]
+environments:
+    cccdaWifi: ENC[AES256_GCM,data:O6Id4IrlJLfVfbwZJ4oz9jelYtBXVSUY,iv:o9Rv20e3+bXGMDJQgVqW3gcJH1qqhx249xBKO3Hclvc=,tag:ybYRLE0pLnbv2tnxcZGGPA==,type:str]
 sops:
     age:
         - recipient: age1laajqafnm4ft2m73wq7yqug4ts04ddn59wlqs4t30upeqa35dpdqu8fu3n

@@ -13,8 +15,8 @@ sops:
             TUFjemN1cTNEZGlIcHF2L3hXZ3ZOeWMKK8AR4Ovh7LYwxEsV6uGyLM9WmAQlTeuL
             adoHhpotA0GfDTga0UsrBP44+6QU1V8+yX6XJPzZIltH1DIVcHV70w==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-06-03T13:50:44Z"
-    mac: ENC[AES256_GCM,data:UKQpIjXyDHBy8G7fRRLZKLvRXdHHiot4erg1J4OC28FEKqzbctJxmZCeuZV3nlBhUfNF6i+Laexg7abHEOD5fq2eIt33Y6mRBovpRWbaaKfOFVln6tVTcf5utHyGEzQtQ/cHSBVVOYjwRXFYWreo4dukis1ye2fj3ThnkkP7Xpg=,iv:kadyCTJr7rJsD9Dc37st6cR1i/IVNXi7VUoKYu9hNSs=,tag:1p34fy9QH3njrZVgpx9ZoQ==,type:str]
+    lastmodified: "2025-06-06T19:15:33Z"
+    mac: ENC[AES256_GCM,data:dYdKl6pU6uVpPj+YecwFo+EbkVuXfRF8fYhMphhf40JTyDRR0M6IWOseYdReag8XaJLeaMlFPUXC14SnX6LSrI/uEci+ZdiQ4j3Rvl/HFBzXabuk5WSE20MenkEndtGG/UGOFjz63/IlgqJZrtv21VD4Sks82KZo/J07JO8ULqs=,iv:pCvAkzjc5Fpd71iUzv2K8Vy65X8Za77opsCEjDqlRC8=,tag:oK/RfdSnPBBmZjQjEXA3DQ==,type:str]
     pgp:
         - created_at: "2025-06-04T20:02:52Z"
           enc: |-