{ config, inputs, lib, pkgs, ... }: { imports = [./sambaAutoMount.nix]; config = lib.mkIf config.ar.base.enable { age.secrets.wifi.file = ../../../secrets/wifi.age; networking.networkmanager = { enable = true; ensureProfiles = { environmentFiles = [config.age.secrets.wifi.path]; profiles = let mkOpenWiFi = ssid: { connection = { id = "${ssid}"; type = "wifi"; }; ipv4 = { method = "auto"; }; ipv6 = { addr-gen-mode = "default"; method = "auto"; }; wifi = { mode = "infrastructure"; ssid = "${ssid}"; }; }; mkWPAWiFi = ssid: psk: { connection = { id = "${ssid}"; type = "wifi"; }; ipv4 = { method = "auto"; }; ipv6 = { addr-gen-mode = "default"; method = "auto"; }; wifi = { mode = "infrastructure"; ssid = "${ssid}"; }; wifi-security = { auth-alg = "open"; key-mgmt = "wpa-psk"; psk = "${psk}"; }; }; in { "Dustin's A54" = mkWPAWiFi "Dustin's A54" "$DustinsA54PSK"; "javapatron" = mkOpenWiFi "javapatron"; "Stargate-Discovery" = mkWPAWiFi "Stargate-Discovery" "$StargateDiscoveryPSK"; "Taproom Public WiFi" = mkOpenWiFi "Taproom Public WiFi"; "wallace" = mkWPAWiFi "wallace" "$wallacePSK"; WeWorkWiFi = { "802-1x" = { eap = "peap;"; identity = "$WeWorkWiFiIdentity"; password = "$WeWorkWiFiPassword"; phase2-auth = "mschapv2"; }; connection = { id = "WeWorkWiFi"; type = "wifi"; }; wifi-security.key-mgmt = "wpa-eap"; wifi.ssid = "WeWorkWiFi"; }; }; }; }; services = { avahi = { enable = true; nssmdns4 = true; openFirewall = true; publish = { enable = true; addresses = true; userServices = true; workstation = true; }; }; openssh = { enable = true; openFirewall = true; settings.PasswordAuthentication = false; }; printing.enable = true; }; }; }