nixos/adm-omnia: router module

1 files changed, 10 insertions, 34 deletions

diff --git a/nixos/machine/adm-omnia.nix b/nixos/machine/adm-omnia.nix
index d158b45..c704b58 100644
--- a/nixos/machine/adm-omnia.nix
+++ b/nixos/machine/adm-omnia.nix
@@ -7,40 +7,16 @@
 with lib; {
   config = {
     cynerd = {
-      #openvpn.oldpersonal = true;
+      router = {
+        enable = true;
+        wan = "end2";
+        lanIP = config.cynerd.hosts.adm.omnia;
+      };
+      openvpn.oldpersonal = false;
     };
 
-    networking = {
-      # TODO we need vlan filtering to filter out guest and adm network
-      bridges = {
-        brlan = {
-          interfaces = [
-            "lan0"
-            "lan1"
-            "lan2"
-            "lan3"
-            "lan4"
-          ];
-        };
-        #brguest = {
-        #  interfaces = [
-        #    "brlan.2" #"mlan0host" "wlp1s0host"
-        #  ];
-        #};
-      };
-      interfaces.brlan = {
-        ipv4 = {
-          addresses = [
-            {
-              address = config.cynerd.hosts.adm.omnia;
-              prefixLength = 24;
-            }
-          ];
-        };
-      };
-      # TODO localhost
-      nameservers = ["1.1.1.1" "8.8.8.8"];
-      dhcpcd.allowInterfaces = ["end2"];
+    networking.bridges = {
+      brlan.interfaces = ["lan0" "lan1" "lan2" "lan3" "lan4"];
     };
 
     networking.wirelessAP = {
@@ -55,12 +31,12 @@ with lib; {
           ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"];
           vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"];
           ssid = "TurrisRules5";
-          wpa = true;
+          wpa = 2;
           wpaPassphrase = "@PASS_TURRIS_RULES@";
           bss = {
             "wlp1s0host" = {
               ssid = "KocoviGuest";
-              wpa = true;
+              wpa = 2;
               wpaPassphrase = "@PASS_KOCOVI@";
             };
           };