Iwd - declarative wifi configs (networks+credentials)?

Do we have anything for this yet, maybe someone has in their own configuration? The only things I see in nixpkgs right now are very wpa_supplicant centric.

To declare networks for iwd, it looks like one must calculate a PreSharedKey and provide it with the Passphrase in a ini file in /var/lib/iwd/[ssid].psk:

> sudo cat /var/lib/iwd/chimera-wifi.psk
PreSharedKey=[hex str]
Passphrase=[my wifi password in plaintext]


  1. I don’t see anything about it reading from /etc/iwd/*.psk.
  2. I’m not finding any sort of PassphraseFile line that would tell iwd to read the password from a file, such as one placed by sops-nix. Maybe I’ll file a feature request on iwd after looking more.

Thoughts? Others interested? Would we just write a systemd oneshot service that symlinks the configs in /var/lib/iwd at boot? Patch iwd to look in /etc/iwd for networks?

Is it important that the PSK be re-used for a given device, or can the one-shot just generate the PSK from the passphrase on each boot?

Thanks for any input in advance.

You may want to take a look at https://github.com/NixOS/nixpkgs/pull/75800, though I stopped working on this for the reasons explained at the bottom of the thread.

1 Like