Merge pull request #12172 from mayflower/wpa_supplicant-service

Structured wpa_supplicant service
This commit is contained in:
Peter Simons 2016-01-06 20:03:22 +01:00
commit 476847c40a
3 changed files with 93 additions and 88 deletions

View File

@ -18,8 +18,20 @@ NixOS will start wpa_supplicant for you if you enable this setting:
networking.wireless.enable = true; networking.wireless.enable = true;
</programlisting> </programlisting>
NixOS currently does not generate wpa_supplicant's NixOS lets you specify networks for wpa_supplicant declaratively:
configuration file, <literal>/etc/wpa_supplicant.conf</literal>. You should edit this file <programlisting>
networking.wireless.networks = {
echelon = {
psk = "abcdefgh";
};
"free.wifi" = {};
}
</programlisting>
Be aware that keys will be written to the nix store in plaintext!
When no networks are set, it will default to using a configuration file at
<literal>/etc/wpa_supplicant.conf</literal>. You should edit this file
yourself to define wireless networks, WPA keys and so on (see yourself to define wireless networks, WPA keys and so on (see
wpa_supplicant.conf(5)). wpa_supplicant.conf(5)).
</para> </para>

View File

@ -51,7 +51,7 @@ with lib;
# Enable wpa_supplicant, but don't start it by default. # Enable wpa_supplicant, but don't start it by default.
networking.wireless.enable = mkDefault true; networking.wireless.enable = mkDefault true;
jobs.wpa_supplicant.startOn = mkOverride 50 ""; systemd.services.wpa_supplicant.wantedBy = mkOverride 50 [];
# Tell the Nix evaluator to garbage collect more aggressively. # Tell the Nix evaluator to garbage collect more aggressively.
# This is desirable in memory-constrained environments that don't # This is desirable in memory-constrained environments that don't

View File

@ -3,51 +3,30 @@
with lib; with lib;
let let
cfg = config.networking.wireless; cfg = config.networking.wireless;
configFile = "/etc/wpa_supplicant.conf"; configFile = if cfg.networks != {} then pkgs.writeText "wpa_supplicant.conf" ''
${optionalString cfg.userControlled.enable ''
ifaces = ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}
cfg.interfaces ++ update_config=1''}
optional (config.networking.WLANInterface != "") config.networking.WLANInterface; ${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: ''
network={
in ssid="${ssid}"
${optionalString (networkConfig.psk != null) ''psk="${networkConfig.psk}"''}
{ ${optionalString (networkConfig.psk == null) ''key_mgmt=NONE''}
}
###### interface '') cfg.networks)}
'' else "/etc/wpa_supplicant.conf";
in {
options = { options = {
networking.WLANInterface = mkOption {
default = "";
description = "Obsolete. Use <option>networking.wireless.interfaces</option> instead.";
};
networking.wireless = { networking.wireless = {
enable = mkOption { enable = mkEnableOption "wpa_supplicant";
type = types.bool;
default = false;
description = ''
Whether to start <command>wpa_supplicant</command> to scan for
and associate with wireless networks. Note: NixOS currently
does not manage <command>wpa_supplicant</command>'s
configuration file, <filename>${configFile}</filename>. You
should edit this file yourself to define wireless networks,
WPA keys and so on (see
<citerefentry><refentrytitle>wpa_supplicant.conf</refentrytitle>
<manvolnum>5</manvolnum></citerefentry>), or use
networking.wireless.userControlled.* to allow users to add entries
through <command>wpa_cli</command> and <command>wpa_gui</command>.
'';
};
interfaces = mkOption { interfaces = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
example = [ "wlan0" "wlan1" ]; example = [ "wlan0" "wlan1" ];
description = '' description = ''
The interfaces <command>wpa_supplicant</command> will use. If empty, it will The interfaces <command>wpa_supplicant</command> will use. If empty, it will
automatically use all wireless interfaces. automatically use all wireless interfaces.
''; '';
}; };
@ -58,6 +37,37 @@ in
description = "Force a specific wpa_supplicant driver."; description = "Force a specific wpa_supplicant driver.";
}; };
networks = mkOption {
type = types.attrsOf (types.submodule {
options = {
psk = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The network's pre-shared key in plaintext defaulting
to being a network without any authentication.
Be aware that these will be written to the nix store
in plaintext!
'';
};
};
});
description = ''
The network definitions to automatically connect to when
<command>wpa_supplicant</command> is running. If this
parameter is left empty wpa_supplicant will use
/etc/wpa_supplicant.conf as the configuration file.
'';
default = {};
example = literalExample ''
echelon = {
psk = "abcdefgh";
};
"free.wifi" = {};
'';
};
userControlled = { userControlled = {
enable = mkOption { enable = mkOption {
type = types.bool; type = types.bool;
@ -68,10 +78,8 @@ in
to depend on a large package such as NetworkManager just to pick nearby to depend on a large package such as NetworkManager just to pick nearby
access points. access points.
When you want to use this, make sure ${configFile} doesn't exist. When using a declarative network specification you cannot persist any
It will be created for you. settings via wpa_gui or wpa_cli.
Currently it is also necessary to explicitly specify networking.wireless.interfaces.
''; '';
}; };
@ -85,64 +93,49 @@ in
}; };
}; };
config = mkMerge [
(mkIf cfg.enable {
environment.systemPackages = [ pkgs.wpa_supplicant ];
###### implementation services.dbus.packages = [ pkgs.wpa_supplicant ];
config = mkIf cfg.enable { # FIXME: start a separate wpa_supplicant instance per interface.
systemd.services.wpa_supplicant = let
environment.systemPackages = [ pkgs.wpa_supplicant ]; ifaces = cfg.interfaces;
in {
services.dbus.packages = [ pkgs.wpa_supplicant ]; description = "WPA Supplicant";
# FIXME: start a separate wpa_supplicant instance per interface.
jobs.wpa_supplicant =
{ description = "WPA Supplicant";
wantedBy = [ "network.target" ]; wantedBy = [ "network.target" ];
path = [ pkgs.wpa_supplicant ]; path = [ pkgs.wpa_supplicant ];
preStart = '' script = ''
touch -a ${configFile} ${if ifaces == [] then ''
chmod 600 ${configFile} for i in $(cd /sys/class/net && echo *); do
'' + optionalString cfg.userControlled.enable '' DEVTYPE=
if [ ! -s ${configFile} ]; then source /sys/class/net/$i/uevent
echo "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}" >> ${configFile} if [ "$DEVTYPE" = "wlan" -o -e /sys/class/net/$i/wireless ]; then
echo "update_config=1" >> ${configFile} ifaces="$ifaces''${ifaces:+ -N} -i$i"
fi fi
done
'' else ''
ifaces="${concatStringsSep " -N " (map (i: "-i${i}") ifaces)}"
''}
exec wpa_supplicant -s -u -D${cfg.driver} -c ${configFile} $ifaces
''; '';
script =
''
${if ifaces == [] then ''
for i in $(cd /sys/class/net && echo *); do
DEVTYPE=
source /sys/class/net/$i/uevent
if [ "$DEVTYPE" = "wlan" -o -e /sys/class/net/$i/wireless ]; then
ifaces="$ifaces''${ifaces:+ -N} -i$i"
fi
done
'' else ''
ifaces="${concatStringsSep " -N " (map (i: "-i${i}") ifaces)}"
''}
exec wpa_supplicant -s -u -D${cfg.driver} -c ${configFile} $ifaces
'';
}; };
powerManagement.resumeCommands = powerManagement.resumeCommands = ''
''
${config.systemd.package}/bin/systemctl try-restart wpa_supplicant ${config.systemd.package}/bin/systemctl try-restart wpa_supplicant
''; '';
assertions = [{ assertion = !cfg.userControlled.enable || cfg.interfaces != []; # Restart wpa_supplicant when a wlan device appears or disappears.
message = "user controlled wpa_supplicant needs explicit networking.wireless.interfaces";}]; services.udev.extraRules = ''
# Restart wpa_supplicant when a wlan device appears or disappears.
services.udev.extraRules =
''
ACTION=="add|remove", SUBSYSTEM=="net", ENV{DEVTYPE}=="wlan", RUN+="${config.systemd.package}/bin/systemctl try-restart wpa_supplicant.service" ACTION=="add|remove", SUBSYSTEM=="net", ENV{DEVTYPE}=="wlan", RUN+="${config.systemd.package}/bin/systemctl try-restart wpa_supplicant.service"
''; '';
})
}; {
meta.maintainers = with lib.maintainers; [ globin ];
}
];
} }