Configuring network manager with secrets in NixOS

In recent weeks I’ve explored configuring my system with NixOS and home-manager.
Configuring network manager
Network manager profiles for wireless network connections can be configured via the networking.networkmanager.ensureProfiles.profiles
array.
For each entry a separate network will be added to network manager.
An example configuration for a network would look like this:
<profile_name> = {
connection = {
id = "<profile_name>";
uuid = "<profile-uuid>";
type = "<profile-type>"; # This should be "wifi" for wireless networks
};
wifi = {
mode = "infrastructure";
ssid = "<SSID>";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "<Password>";
};
};
Configuring sops-nix
As you may have realized the value for wifi-security.psk
is the password in plaintext.
To avoid hardcoding the password into the Nix-Configuration and publishing it on GitHub, sops-nix can be used to provide credentials for the network.
With networking.networkmanager.ensureProfiles.environmentFiles
environment files can be specified which may contain values of your configuration.
I provide a path to a sops-nix secret to this, which contains my secrets. For that I followed the usage example on the GitHub page of the project
My configuration can be found on GitHub.