diff options
| author | Karel Kočí <cynerd@email.cz> | 2024-01-16 17:00:20 +0100 |
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2024-01-16 17:00:20 +0100 |
| commit | cfacd69575b5888bf3e054c9f8056a19c4b5903e (patch) | |
| tree | a2f1c475ef872e95211bf648a5a0fe48965c66a0 /nixos | |
| parent | 55296b643fe2934b875561dd58861b69d4951e9c (diff) | |
| download | nixos-personal-cfacd69575b5888bf3e054c9f8056a19c4b5903e.tar.gz nixos-personal-cfacd69575b5888bf3e054c9f8056a19c4b5903e.tar.bz2 nixos-personal-cfacd69575b5888bf3e054c9f8056a19c4b5903e.zip | |
Rework
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/configurations.nix | 1 | ||||
| -rw-r--r-- | nixos/default.nix | 9 | ||||
| -rw-r--r-- | nixos/machine/albert.nix | 3 | ||||
| -rw-r--r-- | nixos/machine/binky.nix | 11 | ||||
| -rw-r--r-- | nixos/machine/default.nix | 30 | ||||
| -rw-r--r-- | nixos/machine/errol.nix | 5 | ||||
| -rw-r--r-- | nixos/machine/lipwig.nix | 50 | ||||
| -rw-r--r-- | nixos/machine/ridcully.nix | 5 | ||||
| -rw-r--r-- | nixos/machine/spt-mox.nix | 2 | ||||
| -rw-r--r-- | nixos/machine/susan.nix | 25 | ||||
| -rw-r--r-- | nixos/modules/autounlock.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/compile.nix | 5 | ||||
| -rw-r--r-- | nixos/modules/default.nix | 23 | ||||
| -rw-r--r-- | nixos/modules/desktop.nix | 13 | ||||
| -rw-r--r-- | nixos/modules/develop.nix | 7 | ||||
| -rw-r--r-- | nixos/modules/gaming.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/generic.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/home-assistant.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/hosts.nix | 10 | ||||
| -rw-r--r-- | nixos/modules/monitoring.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/openvpn.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/syncthing.nix | 5 | ||||
| -rw-r--r-- | nixos/modules/wifi-client.nix | 5 | ||||
| -rw-r--r-- | nixos/routers/wifi-adm.nix | 147 | ||||
| -rw-r--r-- | nixos/routers/wifi-spt.nix | 82 |
25 files changed, 253 insertions, 209 deletions
diff --git a/nixos/configurations.nix b/nixos/configurations.nix index be8beb7..2fa2261 100644 --- a/nixos/configurations.nix +++ b/nixos/configurations.nix @@ -108,7 +108,6 @@ in // amd64System "binky" // amd64System "errol" // amd64System "ridcully" - // amd64System "susan" // vpsSystem "lipwig" // raspi2System "spt-mpd" // raspi3System "adm-mpd" diff --git a/nixos/default.nix b/nixos/default.nix index 974c73d..90d6b3a 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,7 +1,6 @@ -self: -with builtins; let +self: let machines = import ./machine self; - modules = import ./modules; + modules = import ./modules self; routers = import ./routers; in modules @@ -14,7 +13,7 @@ in usbkey.nixosModules.default nixbigclown.nixosModules.default ] - ++ attrValues modules; + ++ builtins.attrValues modules; }; - defaultRouters = {imports = attrValues routers;}; + defaultRouters = {imports = builtins.attrValues routers;}; } diff --git a/nixos/machine/albert.nix b/nixos/machine/albert.nix index 68d55ba..85bc943 100644 --- a/nixos/machine/albert.nix +++ b/nixos/machine/albert.nix @@ -3,8 +3,7 @@ lib, pkgs, ... -}: -with lib; { +}: { config = { cynerd = { desktop = { diff --git a/nixos/machine/binky.nix b/nixos/machine/binky.nix index a90d625..3b3d35f 100644 --- a/nixos/machine/binky.nix +++ b/nixos/machine/binky.nix @@ -3,8 +3,9 @@ lib, pkgs, ... -}: -with lib; { +}: let + inherit (lib) mkDefault; +in { config = { cynerd = { desktop = { @@ -20,8 +21,10 @@ with lib; { }; }; - boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"]; - boot.kernelModules = ["kvm-amd"]; + boot = { + initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"]; + kernelModules = ["kvm-amd"]; + }; hardware.cpu.amd.updateMicrocode = true; diff --git a/nixos/machine/default.nix b/nixos/machine/default.nix index aba8b6e..4aa05ba 100644 --- a/nixos/machine/default.nix +++ b/nixos/machine/default.nix @@ -1,21 +1,9 @@ -self: { - machine-albert = import ./albert.nix; - machine-binky = import ./binky.nix; - machine-dean = import ./dean.nix; - machine-errol = import ./errol.nix; - machine-ridcully = import ./ridcully.nix; - machine-susan = import ./susan.nix; - - machine-lipwig = import ./lipwig.nix; - - machine-gaspode = import ./gaspode.nix; - - machine-spt-omnia = import ./spt-omnia.nix; - machine-spt-mox = import ./spt-mox.nix; - machine-spt-mox2 = import ./spt-mox2.nix; - machine-spt-mpd = import ./spt-mpd.nix; - - machine-adm-omnia = import ./adm-omnia.nix; - machine-adm-omnia2 = import ./adm-omnia2.nix; - machine-adm-mpd = import ./adm-mpd.nix; -} +self: let + inherit (builtins) readDir; + inherit (self.inputs.nixpkgs.lib) filterAttrs nameValuePair mapAttrs' hasSuffix removeSuffix; +in + mapAttrs' + (n: v: nameValuePair "machine-${removeSuffix ".nix" n}" (import (./. + "/${n}"))) + (filterAttrs + (n: v: v == "regular" && hasSuffix ".nix" n && n != "default.nix") + (readDir ./.)) diff --git a/nixos/machine/errol.nix b/nixos/machine/errol.nix index 922ff57..f0d0aa2 100644 --- a/nixos/machine/errol.nix +++ b/nixos/machine/errol.nix @@ -3,8 +3,9 @@ lib, pkgs, ... -}: -with lib; { +}: let + inherit (lib) mkDefault; +in { config = { cynerd = { desktop.enable = true; diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix index 042ee27..fe101f4 100644 --- a/nixos/machine/lipwig.nix +++ b/nixos/machine/lipwig.nix @@ -3,8 +3,7 @@ lib, pkgs, ... -}: -with lib; { +}: { config = { cynerd = { syncthing = { @@ -55,6 +54,10 @@ with lib; { fastcgi_param HTTP_HOST $server_name; ''; }; + "cloud.cynerd.cz" = { + forceSSL = true; + useACMEHost = "cynerd.cz"; + }; "grafana.cynerd.cz" = { forceSSL = true; useACMEHost = "cynerd.cz"; @@ -75,6 +78,7 @@ with lib; { defaults.email = "cynerd+acme@email.cz"; certs."cynerd.cz".extraDomainNames = [ "git.cynerd.cz" + "cloud.cynerd.cz" "grafana.cynerd.cz" ]; }; @@ -157,6 +161,48 @@ with lib; { }; }; + # Nextcloud ################################################################ + services.nextcloud = { + enable = true; + package = pkgs.nextcloud28; + https = true; + hostName = "cloud.cynerd.cz"; + datadir = "/nas/nextcloud"; + config = { + adminuser = "cynerd"; + adminpassFile = "/run/secrets/nextcloud.admin.pass"; + }; + extraOptions = { + #log_type = "systemd"; + default_phone_region = "CZ"; + }; + phpOptions = { + "opcache.interned_strings_buffer" = "16"; + }; + maxUploadSize = "1G"; + appstoreEnable = false; + extraApps = { + inherit + (config.services.nextcloud.package.packages.apps) + calendar + contacts + cookbook + deck + groupfolders + notes + phonetrack + tasks + twofactor_nextcloud_notification + twofactor_webauthn + ; + passwords = pkgs.fetchNextcloudApp { + url = "https://git.mdns.eu/api/v4/projects/45/packages/generic/passwords/2023.12.2/passwords.tar.gz"; + sha256 = "17qkkkmc3gai6pryl3lb4y074pzbjk26swnpgvy6qfvkp64n8bw1"; + license = "agpl3"; + }; + }; + }; + # Old Syncthing ############################################################ services.syncthing = { enable = true; diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix index 5814c0f..8d45959 100644 --- a/nixos/machine/ridcully.nix +++ b/nixos/machine/ridcully.nix @@ -3,8 +3,9 @@ lib, pkgs, ... -}: -with lib; { +}: let + inherit (lib) mkDefault; +in { config = { cynerd = { desktop.enable = true; diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix index 7dc74fa..accd963 100644 --- a/nixos/machine/spt-mox.nix +++ b/nixos/machine/spt-mox.nix @@ -10,7 +10,7 @@ with lib; { cynerd = { home-assistant = true; wifiAP.spt = { - enable = false; + enable = true; qca988x = { interface = "wls1"; channel = 7; diff --git a/nixos/machine/susan.nix b/nixos/machine/susan.nix deleted file mode 100644 index d05120f..0000000 --- a/nixos/machine/susan.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; { - config = { - cynerd.desktop.enable = true; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/e092a3ad-fb32-44fa-bc1f-14c2733da033"; - options = ["compress=lzo" "subvol=@nix"]; - }; - "/home" = { - device = "/dev/disk/by-uuid/e092a3ad-fb32-44fa-bc1f-14c2733da033"; - options = ["compress=lzo" "subvol=@home"]; - }; - "/boot" = { - device = "/dev/disk/by-uuid/EB3E-3635"; - }; - }; - }; -} diff --git a/nixos/modules/autounlock.nix b/nixos/modules/autounlock.nix index 244dcb4..d7d6a7c 100644 --- a/nixos/modules/autounlock.nix +++ b/nixos/modules/autounlock.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mapAttrs mkOption mkIf types; cnf = config.cynerd.autounlock; in { options = { diff --git a/nixos/modules/compile.nix b/nixos/modules/compile.nix index 929b373..3c90345 100644 --- a/nixos/modules/compile.nix +++ b/nixos/modules/compile.nix @@ -3,8 +3,9 @@ lib, pkgs, ... -}: -with lib; { +}: let + inherit (lib) mkOption mkIf mkDefault types; +in { options = { cynerd.compile = mkOption { type = types.bool; diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix index 72221d8..9d707e9 100644 --- a/nixos/modules/default.nix +++ b/nixos/modules/default.nix @@ -1,14 +1,9 @@ -{ - cynerd-autounlock = import ./autounlock.nix; - cynerd-compile = import ./compile.nix; - cynerd-desktop = import ./desktop.nix; - cynerd-develop = import ./develop.nix; - cynerd-gaming = import ./gaming.nix; - cynerd-generic = import ./generic.nix; - cynerd-home-assistant = import ./home-assistant.nix; - cynerd-hosts = import ./hosts.nix; - cynerd-monitoring = import ./monitoring.nix; - cynerd-openvpn = import ./openvpn.nix; - cynerd-syncthing = import ./syncthing.nix; - cynerd-wifi-client = import ./wifi-client.nix; -} +self: let + inherit (builtins) readDir; + inherit (self.inputs.nixpkgs.lib) filterAttrs nameValuePair mapAttrs' hasSuffix removeSuffix; +in + mapAttrs' + (n: v: nameValuePair "cynerd-${removeSuffix ".nix" n}" (import (./. + "/${n}"))) + (filterAttrs + (n: v: v == "regular" && hasSuffix ".nix" n && n != "default.nix") + (readDir ./.)) diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix index 38758c7..7d110ae 100644 --- a/nixos/modules/desktop.nix +++ b/nixos/modules/desktop.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkOption mkIf types optionals; cnf = config.cynerd.desktop; in { options = { @@ -60,9 +60,9 @@ in { notmuch astroid taskwarrior - vdirsyncer - khal - khard + #vdirsyncer + #khal + #khard gnupg pinentry-gnome pinentry-curses @@ -70,6 +70,7 @@ in { exts.pass-otp exts.pass-audit ])) + nextcloud-client chromium ferdium @@ -149,7 +150,7 @@ in { # Gnome utils gnome-firmware - gaphor + #gaphor # CAD freecad diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix index 84358ab..1826e36 100644 --- a/nixos/modules/develop.nix +++ b/nixos/modules/develop.nix @@ -3,8 +3,9 @@ lib, pkgs, ... -}: -with lib; { +}: let + inherit (lib) mkOption mkIf types; +in { options = { cynerd.develop = mkOption { type = types.bool; @@ -109,7 +110,7 @@ with lib; { stdmanpages # SHV - #shvspy + shvspy flatline shvcli diff --git a/nixos/modules/gaming.nix b/nixos/modules/gaming.nix index 182fc36..cbf2d10 100644 --- a/nixos/modules/gaming.nix +++ b/nixos/modules/gaming.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkOption mkIf types; cnf = config.cynerd.gaming; in { options = { diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix index 9b64aa8..f2a0d3b 100644 --- a/nixos/modules/generic.nix +++ b/nixos/modules/generic.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkOverride mkDefault mkIf optionals; isNative = config.nixpkgs.hostPlatform == config.nixpkgs.buildPlatform; in { config = { diff --git a/nixos/modules/home-assistant.nix b/nixos/modules/home-assistant.nix index 0567785..e55533e 100644 --- a/nixos/modules/home-assistant.nix +++ b/nixos/modules/home-assistant.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkIf mkEnableOption; cnf = config.cynerd.home-assistant; in { options = { diff --git a/nixos/modules/hosts.nix b/nixos/modules/hosts.nix index 2746f93..76e884d 100644 --- a/nixos/modules/hosts.nix +++ b/nixos/modules/hosts.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkOption types mkIf; cnf = config.cynerd.hosts; staticZoneOption = mkOption { @@ -33,7 +33,6 @@ in { # Portable "binky" = "10.8.0.2"; "albert" = "10.8.0.3"; - "susan" = "10.8.0.5"; "android" = "10.8.0.6"; # Endpoints "spt-omnia" = "10.8.0.50"; @@ -49,7 +48,6 @@ in { "errol" = "10.8.2.60"; # Portable "albert" = "10.8.2.61"; - "susan" = "10.8.2.62"; "binky" = "10.8.2.63"; }; adm = { @@ -62,7 +60,6 @@ in { "mpd" = "10.8.3.51"; # Portable "albert" = "10.8.3.61"; - "susan" = "10.8.3.62"; "binky" = "10.8.3.63"; }; }; @@ -73,7 +70,6 @@ in { "${cnf.vpn.android}" = ["android.vpn"]; "${cnf.vpn.albert}" = ["albert.vpn"]; "${cnf.vpn.dean}" = ["dean" "dean.vpn"]; - "${cnf.vpn.susan}" = ["susan.vpn"]; "${cnf.vpn.binky}" = ["binky.vpn"]; "${cnf.vpn.spt-omnia}" = ["spt.vpn"]; "${cnf.vpn.adm-omnia}" = ["adm.vpn"]; @@ -85,7 +81,6 @@ in { "${cnf.spt.mpd}" = ["mpd.spt"]; "${cnf.spt.errol}" = ["errol" "desktop.spt"]; "${cnf.spt.albert}" = ["albert.spt"]; - "${cnf.spt.susan}" = ["susan.spt"]; "${cnf.spt.binky}" = ["binky.spt"]; # Adm "${cnf.adm.omnia}" = ["omnia.adm"]; @@ -93,7 +88,6 @@ in { "${cnf.adm.omnia2}" = ["omnia2.adm"]; "${cnf.adm.ridcully}" = ["ridcully" "desktop.adm"]; "${cnf.adm.albert}" = ["albert.adm"]; - "${cnf.adm.susan}" = ["susan.adm"]; "${cnf.adm.binky}" = ["binky.adm"]; "${cnf.adm."3dprint"}" = ["3dprint"]; "${cnf.adm.mpd}" = ["mpd.adm"]; diff --git a/nixos/modules/monitoring.nix b/nixos/modules/monitoring.nix index 2fc6da5..44d0cbb 100644 --- a/nixos/modules/monitoring.nix +++ b/nixos/modules/monitoring.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkOption types mkMerge mkIf optionalAttrs optionals; cnf = config.cynerd.monitoring; in { options.cynerd.monitoring = { diff --git a/nixos/modules/openvpn.nix b/nixos/modules/openvpn.nix index d2c7319..57d59ee 100644 --- a/nixos/modules/openvpn.nix +++ b/nixos/modules/openvpn.nix @@ -3,8 +3,8 @@ lib, pkgs, ... -}: -with lib; let +}: let + inherit (lib) mkOption types mkIf; cnf = config.cynerd.openvpn; in { options = { diff --git a/nixos/modules/syncthing.nix b/nixos/modules/syncthing.nix index 263acbe..af6d957 100644 --- a/nixos/modules/syncthing.nix +++ b/nixos/modules/syncthing.nix @@ -3,9 +3,8 @@ lib, pkgs, ... -}: -with builtins; -with lib; let +}: let + inherit (lib) filterAttrs mkOption types mkIf any mkDefault recursiveUpdate genAttrs; cnf = config.cynerd.syncthing; inherit (config.networking) hostName; allDevices = [ diff --git a/nixos/modules/wifi-client.nix b/nixos/modules/wifi-client.nix index 0d7fd48..8fc803d 100644 --- a/nixos/modules/wifi-client.nix +++ b/nixos/modules/wifi-client.nix @@ -3,8 +3,9 @@ lib, pkgs, ... -}: -with lib; { +}: let + inherit (lib) mkOption types mkIf; +in { options = { cynerd.wifiClient = mkOption { type = types.bool; diff --git a/nixos/routers/wifi-adm.nix b/nixos/routers/wifi-adm.nix index f50e3f3..9869e3e 100644 --- a/nixos/routers/wifi-adm.nix +++ b/nixos/routers/wifi-adm.nix @@ -30,70 +30,111 @@ in { config = mkIf cnf.enable { services.hostapd = { - countryCode = "CZ"; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = - (optionalAttrs (cnf.ar9287.interface != null) { - "${cnf.ar9287.interface}" = hostapd.qualcomAtherosAR9287 { - inherit (cnf.ar9287) channel; - bssid = "@BSSID_AR9287_0@"; - ssid = "TurrisAdamkovi"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; - bss = { - "${cnf.ar9287.interface}.nela" = { - bssid = "@BSSID_AR9287_1@"; - ssid = "Nela"; - wpa = 2; - wpaPassphrase = "@PASS_NELA@"; + enable = true; + radios = { + "${cnf.ar9287.interface}" = mkIf (cnf.ar9287.interface != null) { + countryCode = "CZ"; + inherit (cnf.ar9287) channel; + wifi4 = { + enable = true; + inherit (hostapd.qualcomAtherosAR9287.wifi4) capabilities; + }; + networks = { + "${cnf.ar9287.interface}" = { + bssid = "02:f0:21:23:2b:00"; + ssid = "TurrisAdamkovi"; + authentication = { + mode = "wpa2-sha256"; + wpaPasswordFile = "/run/secrets/hostapd-TurrisAdamkovi.pass"; }; - "${cnf.ar9287.interface}.milan" = { - bssid = "@BSSID_AR9287_2@"; - ssid = "MILAN-AC"; - wpa = 2; - wpaPassphrase = "@PASS_MILAN_AC@"; + }; + "${cnf.ar9287.interface}.nela" = { + bssid = "06:f0:21:23:2b:00"; + ssid = "Nela"; + authentication = { + mode = "wpa2-sha256"; + wpaPasswordFile = "/run/secrets/hostapd-Nela.pass"; }; }; + "${cnf.ar9287.interface}.milan" = { + bssid = "0a:f0:21:23:2b:00"; + ssid = "MILAN-AC"; + authentication = { + mode = "wpa2-sha256"; + wpaPasswordFile = "/run/secrets/hostapd-MILAN-AC.pass"; + }; + }; + }; + }; + "${cnf.qca988x.interface}" = mkIf (cnf.qca988x.interface != null) { + countryCode = "CZ"; + inherit (cnf.qca988x) channel; + band = "5g"; + wifi4 = { + enable = true; + inherit (hostapd.qualcomAtherosQCA988x.wifi4) capabilities; }; - }) - // (optionalAttrs (cnf.qca988x.interface != null) { - "${cnf.qca988x.interface}" = hostapd.qualcomAtherosQCA988x { - inherit (cnf.qca988x) channel; - bssid = "@BSSID_AR9287_0@"; - ssid = "TurrisAdamkovi5"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; - bss = { - "${cnf.qca988x.interface}.nela" = { - bssid = "@BSSID_AR9287_1@"; - ssid = "Nela5"; - wpa = 2; - wpaPassphrase = "@PASS_NELA@"; + wifi5 = { + enable = true; + inherit (hostapd.qualcomAtherosQCA988x.wifi5) capabilities; + }; + networks = { + "${cnf.qca988x.interface}" = { + bssid = "04:f0:21:24:24:d2"; + ssid = "TurrisAdamkovi"; + authentication = { + mode = "wpa2-sha256"; + wpaPasswordFile = "/run/secrets/hostapd-TurrisAdamkovi.pass"; + }; + }; + "${cnf.qca988x.interface}.nela" = { + bssid = "06:f0:21:24:24:d2"; + ssid = "Nela"; + authentication = { + mode = "wpa2-sha256"; + wpaPasswordFile = "/run/secrets/hostapd-Nela.pass"; }; - "${cnf.qca988x.interface}.milan" = { - bssid = "@BSSID_AR9287_2@"; - ssid = "MILAN-AC"; - wpa = 2; - wpaPassphrase = "@PASS_MILAN_AC@"; + }; + "${cnf.qca988x.interface}.milan" = { + bssid = "0a:f0:21:24:24:d2"; + ssid = "MILAN-AC"; + authentication = { + mode = "wpa2-sha256"; + wpaPasswordFile = "/run/secrets/hostapd-MILAN-AC.pass"; }; }; }; - }); + }; + }; }; - networking.bridges = { - brlan.interfaces = filter (v: v != null) [ - cnf.ar9287.interface - cnf.qca988x.interface - ]; - brguest.interfaces = - (optionals (cnf.ar9287.interface != null) [ + networking = { + # TODO wlanInterface doesn't work right now because it uses invalid + # command and seems to just configure only first interface. It is just + # wrong. + #wlanInterfaces = { + # "${cnf.ar9287.interface}.nela" = { + # device = "${cnf.ar9287.interface}"; + # mac = "06:f0:21:23:2b:00"; + # }; + # "${cnf.ar9287.interface}.milan" = { + # device = "${cnf.ar9287.interface}"; + # mac = "0a:f0:21:23:2b:00"; + # }; + #}; + bridges = { + brlan.interfaces = filter (v: v != null) [ + cnf.ar9287.interface + cnf.qca988x.interface + ]; + brguest.interfaces = optionals (cnf.ar9287.interface != null) [ "${cnf.ar9287.interface}.nela" "${cnf.ar9287.interface}.milan" - ]) - ++ (optionals (cnf.qca988x.interface != null) [ - "${cnf.qca988x.interface}.nela" - "${cnf.qca988x.interface}.milan" - ]); + ]; + # ++ (optionals (cnf.qca988x.interface != null) [ + # "${cnf.qca988x.interface}.nela" + # "${cnf.qca988x.interface}.milan" + # ]); + }; }; }; } diff --git a/nixos/routers/wifi-spt.nix b/nixos/routers/wifi-spt.nix index 3d70e18..e726b84 100644 --- a/nixos/routers/wifi-spt.nix +++ b/nixos/routers/wifi-spt.nix @@ -30,47 +30,47 @@ in { config = mkIf cnf.enable { services.hostapd = { - countryCode = "CZ"; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = - (optionalAttrs (cnf.ar9287.interface != null) { - "${cnf.ar9287.interface}" = hostapd.qualcomAtherosAR9287 { - inherit (cnf.ar9287) channel; - bssid = "@BSSID_AR9287_0@"; - ssid = "TurrisRules"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_RULES@"; - bridge = "brlan"; - bss = { - "${cnf.ar9287.interface}.guest" = { - bssid = "@BSSID_AR9287_1@"; - ssid = "Kocovi"; - wpa = 2; - wpaPassphrase = "@PASS_KOCOVI@"; - bridge = "brguest"; - }; - }; - }; - }) - // (optionalAttrs (cnf.qca988x.interface != null) { - "${cnf.qca988x.interface}" = hostapd.qualcomAtherosQCA988x { - inherit (cnf.qca988x) channel; - bssid = "@BSSID_QCA988X_0@"; - ssid = "TurrisRules5"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_RULES@"; - bridge = "brlan"; - bss = { - "${cnf.qca988x.interface}.guest" = { - bssid = "@BSSID_QCA988X_1@"; - ssid = "Kocovi"; - wpa = 2; - wpaPassphrase = "@PASS_KOCOVI@"; - bridge = "brguest"; - }; - }; - }; - }); + #enable = true; + #countryCode = "CZ"; + #interfaces = + # (optionalAttrs (cnf.ar9287.interface != null) { + # "${cnf.ar9287.interface}" = hostapd.qualcomAtherosAR9287 { + # inherit (cnf.ar9287) channel; + # bssid = "@BSSID_AR9287_0@"; + # ssid = "TurrisRules"; + # wpa = 2; + # wpaPassphrase = "@PASS_TURRIS_RULES@"; + # bridge = "brlan"; + # bss = { + # "${cnf.ar9287.interface}.guest" = { + # bssid = "@BSSID_AR9287_1@"; + # ssid = "Kocovi"; + # wpa = 2; + # wpaPassphrase = "@PASS_KOCOVI@"; + # bridge = "brguest"; + # }; + # }; + # }; + # }) + # // (optionalAttrs (cnf.qca988x.interface != null) { + # "${cnf.qca988x.interface}" = hostapd.qualcomAtherosQCA988x { + # inherit (cnf.qca988x) channel; + # bssid = "@BSSID_QCA988X_0@"; + # ssid = "TurrisRules5"; + # wpa = 2; + # wpaPassphrase = "@PASS_TURRIS_RULES@"; + # bridge = "brlan"; + # bss = { + # "${cnf.qca988x.interface}.guest" = { + # bssid = "@BSSID_QCA988X_1@"; + # ssid = "Kocovi"; + # wpa = 2; + # wpaPassphrase = "@PASS_KOCOVI@"; + # bridge = "brguest"; + # }; + # }; + # }; + # }); }; networking.bridges = { brlan.interfaces = filter (v: v != null) [ |