patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity
nix-config/hosts/nucnix/hostapd.nix

91 lines
2.2 KiB
Nix
Raw Blame History

{
globals,
config,
pkgs,
lib,
...
}:
{
hardware.firmware = with pkgs; [
linux-firmware
intel2200BGFirmware
];
#boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
age.secrets = {
homeWlan = {
generator.script = "alnum";
};
iotWlan = {
generator.script = "alnum";
};
};
# Hostapd tries to delete any bridges it uses when restarting
# If any other service dares also using the bridges, thats too bad
# Have fun resetting your server because they're not coming back
systemd.services.hostapd.stopIfChanged = false;
systemd.services.hostapd.restartIfChanged = false;
systemd.services.hostapd.reloadTriggers = lib.mkForce [ ];
# networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ];
# networking.nftables.firewall.zones.home.interfaces = [ "br-home" ];
# networking.nftables.firewall.rules.wifi-forward = {
# from = [ "wlan" ];
# to = [ "home" ];
# verdict = "accept";
# };
services.hostapd = {
enable = true;
radios.wlan01 = {
band = "2g";
countryCode = "DE";
channel = 5;
wifi4.capabilities = [
"LDPC"
"HT40+"
"HT40-"
"SHORT-GI-20"
"SHORT-GI-40"
"TX-STBC"
"RX-STBC1"
];
wifi5.capabilities = [
"LDPC"
"HT40+"
"HT40-"
"SHORT-GI-20"
"SHORT-GI-40"
"TX-STBC"
"RX-STBC1"
];
wifi6.enable = true;
wifi7.enable = true;
networks.wlan01 = {
inherit (globals.hostapd) ssid;
apIsolate = true;
# not supporte by laptop :(
#settings.ieee80211w = 0;
logLevel = 0;
settings = {
bridge = "br-iot";
};
authentication = {
mode = "wpa2-sha1";
wpaPasswordFile = config.age.secrets.iotWlan.path;
# saePasswords = [
# {
# passwordFile = config.age.secrets.iotWlan.path;
# }
# ];
pairwiseCiphers = [
"CCMP"
# "GCMP"
# "GCMP-256"
];
#enableRecommendedPairwiseCiphers = true;
};
bssid = "44:38:e8:db:a5:b5";
};
};
};
}
Reference in a new issue View git blame Copy permalink