patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

fix: hostapd broke again

Browse source
This commit is contained in:
Patrick 2025-01-10 16:36:41 +01:00
parent 7d6e959d90
commit f961ee9b17
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
2 changed files with 22 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
hosts/nucnix/hostapd.nix
View file

@ -2,6 +2,7 @@
globals,
config,
pkgs,
lib,
...
}:
{
@ -17,15 +18,21 @@
guestWlan = {
generator.script = "alnum";
};
iotWlan = {
generator.script = "alnum";
};
};
systemd.services.hostapd.stopIfChanged = false;
systemd.services.hostapd.restartIfChanged = false;
systemd.services.hostapd.reloadTriggers = lib.mkForce [ ];
networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ];
networking.nftables.firewall.zones.home.interfaces = [ "br-home" ];
networking.nftables.firewall.rules.wifi-forward = {
from = [ "wlan" ];
to = [ "home" ];
verdict = "accept";
};
# networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ];
# networking.nftables.firewall.zones.home.interfaces = [ "br-home" ];
# networking.nftables.firewall.rules.wifi-forward = {
# from = [ "wlan" ];
# to = [ "home" ];
# verdict = "accept";
# };
services.hostapd = {
enable = true;
radios.wlan01 = {
@ -57,10 +64,10 @@
apIsolate = true;
# not supporte by laptop :(
# settings.ieee80211w = 0;
settings.bridge = "br-home";
settings.vlan_file = "${pkgs.writeText "hostaps.vlans" ''
10 wifi-home br-home
50 wifi-guest br-guest
40 wifi-iot br-iot
50 wifi-guests br-guests
''}";
authentication = {
saePasswords = [
@ -68,6 +75,10 @@
passwordFile = config.age.secrets.homeWlan.path;
vlanid = 10;
}
{
passwordFile = config.age.secrets.iotWlan.path;
vlanid = 40;
}
{
passwordFile = config.age.secrets.guestWlan.path;
vlanid = 50;

4
patches/PR/365727.diff
View file

@ -1,5 +1,5 @@
diff --git a/nixos/modules/services/networking/hostapd.nix b/nixos/modules/services/networking/hostapd.nix
index 8635dea738ce2..12821fc9f07c1 100644
index 8635dea738ce2..28dd6db874bc4 100644
--- a/nixos/modules/services/networking/hostapd.nix
+++ b/nixos/modules/services/networking/hostapd.nix
@@ -1,4 +1,10 @@
@ -2000,7 +2000,7 @@ index 8635dea738ce2..12821fc9f07c1 100644
+ (
+ echo -n 'sae_password='
+ ${optionalString (entry.passwordFile != null) ''tr -d '\n' < ${entry.passwordFile}''}
+ cat <<< '${escapeShellArg lineSuffix}'
+ echo ${escapeShellArg lineSuffix}
+ ) >> "$HOSTAPD_CONFIG_FILE"
+ ''
+ ) bssCfg.authentication.saePasswords