New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
network-manager: declarative config #12219
Conversation
By analyzing the blame information on this pull request, we identified @globin, @rickynils and @nmikhailov to be potential reviewers |
The wifi portion runs through |
@NeQuissimus I have no idea... I've done along the way it's done for the wpa_supplicant module; this one also seems to keep PSKs in plaintext. I glanced over the wpa_passphrase man page, but I can't understand what it does and how it can help. Anyway, there's a warning in the manual, and one's free to skip this feature and fall back to regular |
For example, you would normally have this
After running through wpa_passphrase, it would look like this but still work as well:
Remove the commented line and everything works just the same, except the PSK is no longer plain-text. |
I just started working on a more advanced version of this. Still early wip, but wanted to mention this now. I would probably continue to work on this in ~1-2 weeks if there's interest. |
I don't really know anything about "wpa_passphrase", or interactions between wpa_supplicant and NM (I'm actually totally a newbie to NetworkManager itself), thus I'm not planning to add support for it in the PR. If anybody is more knowledgeable in this area (@NeQuissimus?), I suppose they're more than welcome to send another PR. To make it clear, I want to explain my intention is just to help the project (and future newbies to it) to the extent I'm able to, by sending this PR as an improvement for an issue I had when I tried to install NixOS for the first time (namely, not knowing how to configure a WiFi network in NetworkManager on command line, thus having to research it on the Internet, and wanting to have it done declaratively anyway). As to the interface and implementation, I tried to follow the example set by the wpa_supplicant module, being advised so on the mailing list. |
Hi @akavel , I think it's really cool what you did. Do you know if there is any way to store the passwords encrypted ? I think that with your PR the password would end-up in the /nix/store in clear ^_^ |
According to https://wiki.debian.org/WiFi/HowToUse#WPA-PSK_and_WPA2-PSK you can just use the encrypted output of |
@NeQuissimus I've also tried this out in #12307 and it seems to work. Unfortunately I currently don't have much time to work on it. |
@NeQuissimus And also, the password will still be readable in plain text in a .drv file, so we don't really win anything. |
bump what is the status on this ? |
@kalbasit I dunno. I submitted it as a contribution attempt, and all I can see is that it was apparently ignored by the repo owners. I don't know what more I can do. I don't have energy to pursue a social campaign of pressing people to notice this PR and review it... Also, personally, in the 2.5 years since I submitted this, I scaled back my immediate ambitions and currently paused trying to use NixOS proper; instead, I'm slowly trying to approach it from a Nix+home-manager angle. So this particular PR is not in my immediate sphere of interest as of now; that said, I might try to tweak this if some concrete changes were requested by the repo owners/reviewers as a precondition for merging this. |
I'm working on a NixOS module for declarative low-level NetworkManager configuration, i.e. through |
@florianjacob cool stuff, ping me when you open your PR. I tend to run some non-standard network configurations so I would be interested in this. |
Thank you for your contributions.
|
Seems like a new PR is in the works. |
Tested: works with a WPA/PSK password on my old-ish laptop.
cc @Phreedom @urkud @rickynils @domenkozar