wpa_supplicant module: add an option for accepting raw PSKs

fix #12892
This commit is contained in:
Nathan Zadoks 2016-02-09 16:53:11 +01:00
parent 75739fd05b
commit 9e986c161b
1 changed files with 25 additions and 3 deletions

View File

@ -8,11 +8,15 @@ let
${optionalString cfg.userControlled.enable ''
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}
update_config=1''}
${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: ''
${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: let
psk = if networkConfig.psk != null
then ''"${networkConfig.psk}"''
else networkConfig.pskRaw;
in ''
network={
ssid="${ssid}"
${optionalString (networkConfig.psk != null) ''psk="${networkConfig.psk}"''}
${optionalString (networkConfig.psk == null) ''key_mgmt=NONE''}
${optionalString (psk != null) ''psk=${psk}''}
${optionalString (psk == null) ''key_mgmt=NONE''}
}
'') cfg.networks)}
'' else "/etc/wpa_supplicant.conf";
@ -49,6 +53,19 @@ in {
Be aware that these will be written to the nix store
in plaintext!
Mutually exclusive with <varname>pskRaw</varname>.
'';
};
pskRaw = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The network's pre-shared key in hex defaulting
to being a network without any authentication.
Mutually exclusive with <varname>psk</varname>.
'';
};
};
@ -95,6 +112,11 @@ in {
config = mkMerge [
(mkIf cfg.enable {
assertions = flip mapAttrsToList cfg.networks (name: cfg: {
assertion = cfg.psk == null || cfg.pskRaw == null;
message = ''networking.wireless."${name}".psk and networking.wireless."${name}".pskRaw are mutually exclusive'';
});
environment.systemPackages = [ pkgs.wpa_supplicant ];
services.dbus.packages = [ pkgs.wpa_supplicant ];