From d6b0a70a6f16ccbb03bcb7e682dfee32810bbb91 Mon Sep 17 00:00:00 2001
From: Patrick <patrick@failmail.dev>
Date: Fri, 3 Jan 2025 18:02:05 +0100
Subject: [PATCH] feat: local unique address for nucnix

---
 config/services/hostapd.nix | 63 +++++++++++++++++++------------------
 hosts/nucnix/net.nix        |  1 +
 2 files changed, 34 insertions(+), 30 deletions(-)

diff --git a/config/services/hostapd.nix b/config/services/hostapd.nix
index c042a9f..1ad44c2 100644
--- a/config/services/hostapd.nix
+++ b/config/services/hostapd.nix
@@ -21,36 +21,39 @@
     "br-home"
   ];
   hardware.wirelessRegulatoryDatabase = true;
-  # systemd.network = {
-  #   netdevs."40-br-home" = {
-  #     netdevConfig = {
-  #       Name = "br-home";
-  #       Kind = "bridge";
-  #     };
-  #   };
-  #   networks."10-mv-home" = {
-  #     networkConfig = {
-  #       LinkLocalAddressing = "no";
-  #       IPv6AcceptRA = lib.mkForce false;
-  #       Bridge = "br-home";
-  #     };
-  #     matchConfig.Name = "mv-home";
-  #     DHCP = "no";
-  #   };
-  #   networks."10-home" = {
-  #     matchConfig.Name = "br-home";
-  #     DHCP = "yes";
-  #   };
-  #   networks."40-wifi" = {
-  #     matchConfig.Name = "wlan1";
-  #     networkConfig = {
-  #       LinkLocalAddressing = "no";
-  #       IPv6AcceptRA = lib.mkForce false;
-  #       Bridge = "br-home";
-  #     };
-  #     DHCP = "no";
-  #   };
-  # };
+  systemd.network = {
+    netdevs."40-br-home" = {
+      netdevConfig = {
+        Name = "br-home";
+        Kind = "bridge";
+      };
+    };
+    networks."10-mv-home" = {
+      networkConfig = {
+        LinkLocalAddressing = "no";
+        IPv6AcceptRA = lib.mkForce false;
+        Bridge = "br-home";
+      };
+      address = lib.mkForce [ ];
+      gateway = lib.mkForce [ ];
+      DHCP = "no";
+    };
+    networks."10-home" = {
+      matchConfig.Name = "br-home";
+      DHCP = "no";
+      address = [ "10.99.10.19/24" ];
+      gateway = [ "10.99.10.1" ];
+    };
+    networks."40-wifi" = {
+      matchConfig.Name = "wlan1";
+      networkConfig = {
+        LinkLocalAddressing = "no";
+        IPv6AcceptRA = lib.mkForce false;
+        Bridge = "br-home";
+      };
+      DHCP = "no";
+    };
+  };
 
   networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ];
   networking.nftables.firewall.zones.home.interfaces = [ "mv-home" ];
diff --git a/hosts/nucnix/net.nix b/hosts/nucnix/net.nix
index 87fac3d..ca22042 100644
--- a/hosts/nucnix/net.nix
+++ b/hosts/nucnix/net.nix
@@ -123,6 +123,7 @@ in
         "20-lan-${name}" = {
           address = [
             (lib.net.cidr.hostCidr 1 cidrv4)
+            (lib.net.cidr.hostCidr 1 cidrv6)
           ];
           matchConfig.Name = "lan-${name}";
           networkConfig = {