WIP: wifi still not working

Patrick 2024-12-23 19:22:45 +01:00
parent 1f8d44514d
commit 4a8d074627
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
3 changed files with 63 additions and 31 deletions


@ -1,4 +1,9 @@
{ globals, pkgs, ... }: {
globals,
pkgs,
lib,
...
}:
{ {
microvm.devices = [ microvm.devices = [
{ {
@ -6,27 +11,53 @@
path = "0000:01:00.0"; path = "0000:01:00.0";
} }
]; ];
hardware.firmware = with pkgs; [
linux-firmware
intel2200BGFirmware
];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.nftables.firewall.zones.untrusted.interfaces = [ "lan-services" ]; networking.nftables.firewall.zones.untrusted.interfaces = [ "lan-services" ];
hardware.wirelessRegulatoryDatabase = true; hardware.wirelessRegulatoryDatabase = true;
systemd.network = { # systemd.network = {
netdevs."40-wifi-home" = { # netdevs."40-wifi-home" = {
netdevConfig = { # netdevConfig = {
Name = "br-home"; # Name = "br-home";
Kind = "bridge"; # Kind = "bridge";
}; # };
}; # };
networks."10-home-bridge" = { # networks."10-home-bridge" = {
matchConfig.Name = "lan-home"; # networkConfig.LinkLocalAddressing = "no";
DHCP = "no"; # matchConfig.Name = "lan-home";
extraConfig = '' # DHCP = "no";
[Network] # extraConfig = ''
Bridge=br-home # [Network]
''; # Bridge=br-home
}; # '';
networks."10-home-" = { # };
matchConfig.Name = "br-home"; # networks."10-home-" = {
DHCP = "yes"; # matchConfig.Name = "br-home";
}; # DHCP = "yes";
# };
# };
networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ];
networking.nftables.firewall.zones.home.interfaces = [ "lan-home" ];
networking.nftables.firewall.rules.wifi-forward = {
from = [ "wlan" ];
to = [ "lan-home" ];
verdict = "accept";
};
systemd.network.networks."40-wifi" = {
matchConfig.Name = "lan-home";
address = [
(lib.net.cidr.hostCidr (globals.services.hostapd.ip + 1) globals.net.vlans.home.cidrv4)
(lib.net.cidr.hostCidr (globals.services.hostapd.ip + 1) globals.net.vlans.home.cidrv6)
];
gateway = [
(lib.net.cidr.host 1 globals.net.vlans.home.cidrv4)
(lib.net.cidr.host 1 globals.net.vlans.home.cidrv6)
];
}; };
services.hostapd = { services.hostapd = {
@ -58,20 +89,20 @@
networks.wlan1 = { networks.wlan1 = {
inherit (globals.hostapd) ssid; inherit (globals.hostapd) ssid;
apIsolate = true; apIsolate = true;
settings.vlan_file = "${pkgs.writeText "hostaps.vlans" '' # settings.vlan_file = "${pkgs.writeText "hostaps.vlans" ''
10 wifi-home br-home # 10 wifi-home br-home
50 wifi-guest br-guest # 50 wifi-guest br-guest
''}"; # ''}";
authentication = { authentication = {
saePasswords = [ saePasswords = [
{ {
password = "lol"; password = "ctiectie";
vlanid = 10; # vlanid = 10;
}
{
password = "lel";
vlanid = 50;
} }
# {
# password = "nrsgnrsg";
# vlanid = 50;
# }
]; ];
pairwiseCiphers = [ pairwiseCiphers = [
"CCMP" "CCMP"
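Review bot: The SAE passphrase is still written inline in the last hunk (`password = "ctiectie";`), so it is committed to the repository and, through the generated hostapd configuration, ends up in the world-readable Nix store. Moving it to a runtime secret with `authentication.saePasswordsFile = "<path-to-runtime-secret>";` (placeholder path) keeps it out of both, and the passphrases already visible in this history should be replaced before the AP goes live. Separately, in the second hunk the rule `wifi-forward` has `to = [ "lan-home" ]`, but the zone declared just above it is named `home` and `lan-home` is only its interface; unless a `lan-home` zone is defined elsewhere, this probably wants `to = [ "home" ];`. With `vlanid` and `vlan_file` commented out, that rule would also let every client that knows the one remaining passphrase forward into the home VLAN, so a comment marking this as a temporary WIP state would help.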


@ -136,6 +136,7 @@ in
}; };
hostapd = { hostapd = {
host = "nucnix-hostapd"; host = "nucnix-hostapd";
ip = 19;
}; };
murmur = { murmur = {
domain = "ts.${globals.domains.web}"; domain = "ts.${globals.domains.web}";


@ -25,7 +25,7 @@ in
fritz.interfaces = [ "vlan-fritz" ]; fritz.interfaces = [ "vlan-fritz" ];
wg-services.interfaces = [ "services" ]; wg-services.interfaces = [ "services" ];
printer.ipv4Addresses = [ printer.ipv4Addresses = [
(lib.net.cidr.host 32 globals.net.vlans.device.cidrv4) (lib.net.cidr.host 32 globals.net.vlans.devices.cidrv4)
]; ];
adguard.ipv4Addresses = [ adguard.ipv4Addresses = [
(lib.net.cidr.host globals.services.adguardhome.ip globals.net.vlans.services.cidrv4) (lib.net.cidr.host globals.services.adguardhome.ip globals.net.vlans.services.cidrv4)