From 93a26c26f93f25aa36b931c91a27be1f64f3f733 Mon Sep 17 00:00:00 2001
From: catvayor <catvayor@katvayor.net>
Date: Mon, 27 Jan 2025 20:35:35 +0100
Subject: [PATCH] feat(vault01/radius): declare user vlans

---
 machines/nixos/vault01/k-radius/default.nix | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/machines/nixos/vault01/k-radius/default.nix b/machines/nixos/vault01/k-radius/default.nix
index 1df66f8..0c27125 100644
--- a/machines/nixos/vault01/k-radius/default.nix
+++ b/machines/nixos/vault01/k-radius/default.nix
@@ -40,16 +40,13 @@
       radius_required_groups = [ "radius_access@sso.dgnum.eu" ];
 
       # A mapping between Kanidm groups and VLANS
-      radius_groups = [
+      radius_groups = map (
+        { vlan, ... }:
         {
-          spn = "dgnum_members@sso.dgnum.eu";
-          vlan = 1;
+          inherit vlan;
+          spn = "vlan_${toString vlan}@sso.dgnum.eu";
         }
-        {
-          spn = "dgnum_clients@sso.dgnum.eu";
-          vlan = 2;
-        }
-      ];
+      ) config.networking.vlans-info;
     };
 
     authTokenFile = config.age.secrets."radius-auth_token_file".path;