libkookie: net: init module to handle networking configuration

8 files changed, 144 insertions, 37 deletions

diff --git a/infra/libkookie/configuration/workstation/i3/tempest.nix b/infra/libkookie/configuration/workstation/i3/tempest.nix
index fd1047f962c3..831e5770ddb8 100644
--- a/infra/libkookie/configuration/workstation/i3/tempest.nix
+++ b/infra/libkookie/configuration/workstation/i3/tempest.nix
@@ -14,9 +14,9 @@
     # TODO: hook into the "fonts" module?
     fonts = [ "Iosevka:12" ];
 
+    networkmanager = false;
+    
     term = pkgs.kitty;
     i3Status.segments = ["ipv6" "disk /" "ethernet _first_" "load" "tztime local"];
   };
-
-  home.packages = with pkgs; [ iosevka ];
 }
diff --git a/infra/libkookie/configuration/workstation/net/tempest.nix b/infra/libkookie/configuration/workstation/net/tempest.nix
new file mode 100644
index 000000000000..eb45fd9554dd
--- /dev/null
+++ b/infra/libkookie/configuration/workstation/net/tempest.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs;
+    [
+      mullvad-vpn
+    ];
+
+  libkookie.workstation.net = {
+    enable = true;
+    networkmanager = true;
+    
+    ## From Mass Effect: Andromeda
+    hostname = "tempest";
+    id = "01fd342c";
+  };
+}
diff --git a/infra/libkookie/modules/workstation/default.nix b/infra/libkookie/modules/workstation/default.nix
index 4a2953eb3659..910315cba2a3 100644
--- a/infra/libkookie/modules/workstation/default.nix
+++ b/infra/libkookie/modules/workstation/default.nix
@@ -3,6 +3,7 @@
   imports = [
     ./audio
     ./mail
+    ./net
     ./ui/i3
   ];
 }
diff --git a/infra/libkookie/modules/workstation/net/core.nix b/infra/libkookie/modules/workstation/net/core.nix
new file mode 100644
index 000000000000..2b6f37f32064
--- /dev/null
+++ b/infra/libkookie/modules/workstation/net/core.nix
@@ -0,0 +1,11 @@
+{ config, lib, ... }:
+
+let cfg = config.libkookie.workstation.net;
+in
+{
+  networking.hostName = cfg.hostname;
+  networking.hostId = cfg.id;
+
+  networking.networkmanager.enable = cfg.networkmanager;
+  networking.firewall.enable = cfg.firewall;
+}
diff --git a/infra/libkookie/modules/workstation/net/default.nix b/infra/libkookie/modules/workstation/net/default.nix
new file mode 100644
index 000000000000..8f5c08ed9689
--- /dev/null
+++ b/infra/libkookie/modules/workstation/net/default.nix
@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... } @ args:
+
+let cfg = config.libkookie.workstation.net;
+in
+with lib;
+{
+  options.libkookie.workstation.net = {
+    enable = mkEnableOption "workstation network handling";
+
+    networkmanager = mkEnableOption "networkmanager system module";
+    
+    firewall = mkOption {
+      type = types.bool;
+      default = true;
+      description = "system firewall";
+    };        
+    
+    hostname = mkOption {
+      type = types.str;
+      description = "Networking hostname";
+    };
+
+    id = mkOption {
+      type = types.str;
+      description = "Hash ID used for this networking node";
+    };
+    
+    randomMAC = let
+      type = with types; (submodule {
+        enable = mkEnableOption "MAC address randomisation";
+        mask = mkOption {
+          type = str;
+          description = "MAC net mask to use";
+        };
+      });
+    in
+      mkOption {
+        inherit type;
+        default = {
+          enable = false;
+          mask = "FE:FF:FF:00:00:00";
+        };
+        description = ''
+          MAC address randomisation module.
+          
+          The default net mask is based on intel WiFi NICs, to line up
+          with the modules used in Thinkpads.
+        '';
+      };
+  };
+
+  config = mkIf cfg.enable (import ./core.nix args);
+}
diff --git a/infra/libkookie/modules/workstation/ui/i3/core/setup.nix b/infra/libkookie/modules/workstation/ui/i3/core/setup.nix
index 80d1827d881c..76b4b61ac696 100644
--- a/infra/libkookie/modules/workstation/ui/i3/core/setup.nix
+++ b/infra/libkookie/modules/workstation/ui/i3/core/setup.nix
@@ -8,6 +8,8 @@
 
 { config, lib, pkgs, home-manager, ... } @ args:
 
+let cfg = config.libkookie.ui.i3;
+in
 {
   xsession.windowManager.i3 =
     let config = (import ./config.nix args);
@@ -19,39 +21,50 @@
 
         # TODO: move this into the config module?
 
-        extraConfig = with pkgs; ''
-          # Setup compositor
-          exec_always --no-startup-id "${coreutils}/bin/pkill picom; ${picom}/bin/picom --config ~/.config/i3/picom.conf"
-      
-          # Make CAPSLOCK into ESC because it's 2018
-          #
-          # Okay actually this is slightly more complicated than that. I'm binding 
-          # CAPSLOCK to HYPER, so that I can use it as a modifier in emacs, but then 
-          # using xcape(1) to also make short CAPSLOCK presses into ESCAPE.
-
-          exec_always --no-startup-id "${xorg.xmodmap}/bin/setxkbmap -layout us -variant altgr-intl -option caps:hyper"
-          exec ${xcape}/bin/xcape -e "#66=Escape" -t 150
-
-          # Always set a wallpaper
-          # exec_always --no-startup-id ${feh}/bin/feh --bg-fill config.libkookie.ui.i3.wallpaper ?????
-
-          bar {
-              status_command ${i3status}/bin/i3status -c ~/.config/i3/i3status.conf
-              position bottom
-              bindsym button4 nop
-              bindsym button5 nop
-              colors  {
-                  background #0F0F0F
-                  statusline #D5D5D5
+        extraConfig = with pkgs;
+          let
+            fehCmd = "${feh}/bin/feh --bg-fill ${cfg.wallpaper}";
+            picomCmd = "";
+            nmCmd = if cfg.networkmanager
+                    then "exec_always --no-startup-id ${networkmanagerapplet}/bin/nm-applet"
+                    else "";
+          in
+            ''
+              # Setup compositor // TODO: gate this on the hm-module
+              exec_always --no-startup-id "${coreutils}/bin/pkill picom; ${picom}/bin/picom --config ~/.config/i3/picom.conf"
+          
+              # Make CAPSLOCK into ESC because it's 2018
+              #
+              # Okay actually this is slightly more complicated than that. I'm binding 
+              # CAPSLOCK to HYPER, so that I can use it as a modifier in emacs, but then 
+              # using xcape(1) to also make short CAPSLOCK presses into ESCAPE.
+    
+              exec_always --no-startup-id "${xorg.xmodmap}/bin/setxkbmap -layout us -variant altgr-intl -option caps:hyper"
+              exec ${xcape}/bin/xcape -e "#66=Escape" -t 150
+    
+              # Set the desired wallpaper
+              exec_always --no-startup-id ${fehCmd}
+    
+              # Start nm-applet if networkmanager is enabled
+              ${nmCmd}
+    
+              bar {
+                  status_command ${i3status}/bin/i3status -c ~/.config/i3/i3status.conf
+                  position bottom
+                  bindsym button4 nop
+                  bindsym button5 nop
+                  colors  {
+                      background #0F0F0F
+                      statusline #D5D5D5
+                  }
               }
-          }
-
-          focus_follows_mouse no
-
-          # Layout and design settings that should _really_ be in the module
-          default_border pixel 3
-          client.focused #4c7899 #285577 #ffffff #F73E5F #666666
-        '';
+    
+              focus_follows_mouse no
+    
+              # Layout and design settings that should _really_ be in the module
+              default_border pixel 3
+              client.focused #4c7899 #285577 #ffffff #F73E5F #666666
+            '';
       };
 
   xdg.configFile."i3/picom.conf" = (import ./picom.nix args);
diff --git a/infra/libkookie/modules/workstation/ui/i3/hm.nix b/infra/libkookie/modules/workstation/ui/i3/hm.nix
index b0859c6ab393..7a7a8676fa5b 100644
--- a/infra/libkookie/modules/workstation/ui/i3/hm.nix
+++ b/infra/libkookie/modules/workstation/ui/i3/hm.nix
@@ -18,6 +18,17 @@ in
       '';
     };
 
+    networkmanager = mkOption {
+      type = types.bool;
+      default = true;
+      description = ''
+        Set whether networkmanager is enabled on the system or not.
+
+        This setting should be removed in the future, when I figure
+        out how to pull in config value from the nixos config.
+      '';
+    };
+    
     # TODO: figure out a way to make this a package type
     fonts = mkOption {
       type = with types; listOf str;
diff --git a/infra/libkookie/roots/tempest.nix b/infra/libkookie/roots/tempest.nix
index dce777eedaf2..86b33f93d88c 100644
--- a/infra/libkookie/roots/tempest.nix
+++ b/infra/libkookie/roots/tempest.nix
@@ -36,6 +36,9 @@ in
     <configuration/workstation/yubikey>
     <configuration/workstation/gpg>
 
+    # TODO: build a beter loader
+    <configuration/workstation/net/tempest.nix>
+
     
     #################################################################
     # home-manager modules that exist entirely in userspace
@@ -135,9 +138,7 @@ in
   swapDevices = [];
   nix.maxJobs = 16;
   
-  ## From Mass Effect: Andromeda
-  networking.hostName = "tempest";
-  networking.hostId = "01fd342c";
+
   # networking.firewall.allowedTCPPorts = [ 9000 ]; ?????
   
   networking.useDHCP = false;