From d2457e513542cda1c79c7d62e586483552ab645d Mon Sep 17 00:00:00 2001
From: nx2 <nx2@local>
Date: Wed, 6 Mar 2024 16:23:06 +0100
Subject: [PATCH] home writes nmconfig and .ssl

---
 configuration.nix                      |  10 ++--------
 home.nix                               |  14 ++++++++++++--
 secrets/passwords-and-certificates.nix | Bin 275 -> 1099 bytes
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 6d7599e..1904783 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -60,14 +60,8 @@
   #hardware.pulseaudio.enable = true;
 
   # rtkit is optional but recommended
-  security = {
-    rtkit.enable = true;
-    pki.certificates = [ 
-      secrets.easyroamHSMW.clientKey
-      secrets.easyroamHSMW.clientCert
-      secrets.easyroamHSMW.rootCa
-    ];  
-  };
+  security.rtkit.enable = true; 
+
 
 
   services.pipewire = {
diff --git a/home.nix b/home.nix
index fe14871..95b2cf2 100644
--- a/home.nix
+++ b/home.nix
@@ -88,8 +88,18 @@
   # };
 
 
-  # Home Manager is pretty good at managing dotfiles. The primary way to manage
-  # plain files is through 'home.file'.
+  # NETWORKING
+  home.file = {
+    # easyroam HSMW
+    ".ssl/easyroam_client_cert.pem".source = ./secrets/easyroam-hsmw/easyroam_client_cert.pem;
+    ".ssl/easyroam_root_ca.pem".source = ./secrets/easyroam-hsmw/easyroam_root_ca.pem;
+    ".ssl/easyroam_client_key.pem".source = ./secrets/easyroam-hsmw/easyroam_client_key.pem;
+  };
+    networking.networkmanager.extraConfig = concatStringsSep "\n" [
+      secrets.eduroamHSMW.nmconfig
+    ];
+
+
   home.file = {
 
     # ".config/libinput/gestures".text = ''
diff --git a/secrets/passwords-and-certificates.nix b/secrets/passwords-and-certificates.nix
index e9ffc5bbe8494d1e89e13db267a53423595fb686..97ddf2e64eaea554b6b48e323ba7b236280078b3 100644
GIT binary patch
literal 1099
zcmZQ@_Y83kiVO&0m}m8D^Sq8YNuNy{L_{S+=E{~AOwF2lWIM~E<yQmOto55w{J!x(
zjqJbpjy)UdJfHn2xM6zI=66Wk^66#o?tR&($5Oj)*Obi#@pGLnM1|BYkq$JUHvbZ<
z5QB26QcyDc*LU+Pit6~T9I6RDn3l6;VOC?o=Ko^5{=HnV>i>_63KxR?(i4uEy1Y)2
z68Y^UG4+l9S@Z4IoQq@JC&>ht@O!Dg{u}iCKxxuP*RS6nRz6mGer;ox!|gu4`U)l4
z#Y;P9EOT?=nOXA9%22Q?F!0OmWUm-Dy&Wvy92c#vQdDW|e8#)eZDH{9QyoGT@(jri
z``)xv7@dE*>!4Zwm$kYRAFn*EA@E*Nsr<~>*t5T9sKy*$X1dPe!I8P2Ht#;Qv3So@
z(-|q#g6C}Il57dezFD!|u#X|IldnVdP`PgQEQgQn@jOpO559Qy<g9l3p%tIsIw=U(
zIPKQ^ATXIfK%F(NrY$;`w<&A2wpQ(`$eK6DuD@9{vB*{9%Mul_Z)elrd#9~bZ$56r
zf2Szbc9{lyPrr$j%3+^1tE&0i#BcnsnmsG=QG<PB1oO8`o5Wt8e)Xrux+KN0iI>$k
zq+&tu<8T&VeReJB=((Tng*ks(8_)IO@6q$C;+L$HWVgI4!Fkq}i*w=A8P!L(ADXu4
z=;AlmIJ}krS}r?fd9?Pr-By>c4Ld873*GdtYO^Z_KTiMjAx5`)^VLU-_&QSWy^5M(
zB(=9j<&n{2!PO-P7Cd5e`1VHM>%^KloFX|nUo7Xon9Tb!%6opzYnk17f|oDxwW{yj
z6==d3IP>MA%qdKwTZ}FoyZudq@$!-uZjspP$(zd#oO!G)xaYFoHO=kIC&^gbZ_!eW
zQdl74wY0N&D<l8BlcHU(`aat7t%`qgl38Q9&w*!mMZVp8!R`22<WH~Pvcl*BXTyy1
zXUbmP*dwW(pf7%gH@wO}^LU`Mmi@0rA<_BiiaRIxEq1)zu-P$7`*M#|U!s<0)Rl+#
zPy7#mp(Xh2#&X|umLjgX<+a|w+AV^O?tPKd=h5%a_K+#kuNLHZm8SJCMJ`-Y`RnVY
znqCu2|D8x*e|cq^x%P23ojo6F*>9iUe!1i3pO+U!e?4neW9GV}R(WED3cFaa`qrr>
zHpa&vPi^^~)E|9OLfp1m>{;(L?N5fMnIBw@+kd+}^NEIP&WC@|?%7{%MLcttKie_)
zW$=L{o3>l)f7|SNbH76<JaYE44qNWxvh7RSZyb$WxS+-T=)x0?yZ##`B`js$eAsP*
zt`*PcC%<_%eCe~>6rfb-!u4;`-j+Av%lTt9vi>HN&q+utXfL+Oc*P}NboOq)|HLXQ
z=lAV*T~=-6ZISA$N?Dz`ov-Op<_Q_z(5Vj}X}6ZhZ$Gul{mh#>wHe{gJ8RAN)h96M
zT#d}CNn^aWZ?eLVWBQ_20Y#JJ-e;{eDq!#pvp;=>@5zqo_4a}hJhp*5j+MS_)jOS9
UsIhyV#&Z8=1HaOVvxH9r0Cqqc+yDRo

literal 275
zcmZQ@_Y83kiVO&0usits;x~m!3*%nYbgXEddeb1{+YE*uOpm+#eBO$BEt4>s(4OM5
z_2Wt9^~L<W^BU9tHLhsxOJy_?Ydrl~AV*>5YS-H}iY6J~N~GK#y=G+ZmwB$lyh_n@
z+Q+xW-|a#yzVP456JJ{E;Z$rtE1_=rf^U;HmU>@RDE0WSF?%9|kD;w4?*a=Ck#nY&
zQs2zZaI)O<UGd?#u`^o=OXBB-ttSs(x}BcGDE7|HV}iGjZ_B)>V;1N4YP_7<_%=Le
zf9+zSqkJ)O(p`36*6G~S|Ms=+YwPWL|8I%U+EjHzZHomxT#l;hO=x4!T{!h%-}Q-d
jm7AXT%e~E*tgC#dPPgz^(9W=fljh&iX*kDqb749FY^;IM