aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--flake.lock18
-rw-r--r--nixos/configurations.nix4
-rw-r--r--nixos/default.nix9
-rw-r--r--nixos/machine/adm-omnia.nix4
-rw-r--r--nixos/machine/adm-omnia2.nix6
-rw-r--r--nixos/machine/spt-mox.nix60
-rw-r--r--nixos/machine/spt-mox2.nix70
-rw-r--r--nixos/modules/default.nix2
-rw-r--r--nixos/modules/wifi-adm.nix98
-rw-r--r--nixos/routers/default.nix5
-rw-r--r--nixos/routers/router.nix (renamed from nixos/modules/router.nix)0
-rw-r--r--nixos/routers/wifi-adm.nix97
-rw-r--r--nixos/routers/wifi-spt.nix83
13 files changed, 247 insertions, 209 deletions
diff --git a/flake.lock b/flake.lock
index 02a566e..27c19ec 100644
--- a/flake.lock
+++ b/flake.lock
@@ -93,11 +93,11 @@
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
- "lastModified": 1674221769,
- "narHash": "sha256-R96ogn1ZZ9LFnGHzDV+Ns3jAPIwb7FiPBXYUbsJKGms=",
+ "lastModified": 1674463140,
+ "narHash": "sha256-l1TXSVuXDa7PJf1js1zSao8XDTxzOCim7HfrTxr7l1g=",
"owner": "NixOS",
"repo": "nix",
- "rev": "04de0dd0b4059c75115c780dae8ddc49a847b0e5",
+ "rev": "90e630a542c163e4d0fa2fb28bc6e1782e4bd394",
"type": "github"
},
"original": {
@@ -251,8 +251,8 @@
]
},
"locked": {
- "lastModified": 1674418452,
- "narHash": "sha256-sbvyo/FDdDTe1Vqbu0338cJGeixWq4Uu/HZCLBZtr1U=",
+ "lastModified": 1674466899,
+ "narHash": "sha256-3JK5N/n0hz1pLYngi451DIPy+Bo627ceaT+4E9gFDFQ=",
"type": "git",
"url": "file:///home/cynerd/projects/nixturris"
},
@@ -263,11 +263,11 @@
},
"personal-secret": {
"locked": {
- "lastModified": 1674426375,
- "narHash": "sha256-8FrAIKgvw+uMXOKMS6zqN6oTXuY2MN6N1GBxOPaAVj8=",
+ "lastModified": 1674470859,
+ "narHash": "sha256-hUGfB9KOwv7q526G0a/2S95vVmzCektir+Ej+udm5fE=",
"ref": "refs/heads/master",
- "rev": "7b32419d01a30262ac522288f2753f2b8ab5016a",
- "revCount": 65,
+ "rev": "07aa2122b589de2f1cd824201b1bd38beeca0c92",
+ "revCount": 66,
"type": "git",
"url": "ssh://git@cynerd.cz/nixos-personal-secret"
},
diff --git a/nixos/configurations.nix b/nixos/configurations.nix
index 943b59a..6151c0d 100644
--- a/nixos/configurations.nix
+++ b/nixos/configurations.nix
@@ -99,8 +99,8 @@ with nixpkgs.lib; let
${hostname} = nixturris.lib.nixturrisSystem {
nixpkgs = nixpkgs;
board = board;
- modules = modules hostname;
- override.specialArgs = specialArgs;
+ modules = [self.nixosModules.defaultRouters] ++ modules hostname;
+ specialArgs = specialArgs;
};
};
turrisMoxSystem = turrisSystem "mox";
diff --git a/nixos/default.nix b/nixos/default.nix
index 7569de0..2d5ff8e 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -1,9 +1,12 @@
-self: let
- modules = import ./modules;
+self:
+with builtins; let
machines = import ./machine self;
+ modules = import ./modules;
+ routers = import ./routers;
in
modules
// machines
// {
- default = {imports = builtins.attrValues modules;};
+ default = {imports = attrValues modules;};
+ defaultRouters = {imports = attrValues routers;};
}
diff --git a/nixos/machine/adm-omnia.nix b/nixos/machine/adm-omnia.nix
index e3a66e1..5fe2127 100644
--- a/nixos/machine/adm-omnia.nix
+++ b/nixos/machine/adm-omnia.nix
@@ -14,8 +14,8 @@ with lib; {
};
wifiAP.adm = {
enable = true;
- w24.interface = "wlp3s0";
- w5.interface = "wlp2s0";
+ ar9287.interface = "wlp3s0";
+ qca988x.interface = "wlp2s0";
};
openvpn.oldpersonal = false;
};
diff --git a/nixos/machine/adm-omnia2.nix b/nixos/machine/adm-omnia2.nix
index ba71e7d..be55d54 100644
--- a/nixos/machine/adm-omnia2.nix
+++ b/nixos/machine/adm-omnia2.nix
@@ -9,8 +9,8 @@ with lib; {
cynerd = {
wifiAP.adm = {
enable = true;
- w24.interface = "wlp3s0";
- w5.interface = "wlp2s0";
+ ar9287.interface = "wlp3s0";
+ qca988x.interface = "wlp2s0";
};
};
@@ -22,7 +22,7 @@ with lib; {
};
};
bridges = {
- brlan.interfaces = [ "end2" "lan0" "lan1" "lan2" "lan3" "lan4" ];
+ brlan.interfaces = ["end2" "lan0" "lan1" "lan2" "lan3" "lan4"];
brguest.interfaces = ["brlan.guest"];
};
interfaces.brlan.ipv4.addresses = [
diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix
index 84029c6..6ca780a 100644
--- a/nixos/machine/spt-mox.nix
+++ b/nixos/machine/spt-mox.nix
@@ -7,61 +7,37 @@
with builtins;
with lib; {
config = {
- cynerd.home-assistant = true;
-
- networking.wirelessAP = {
- enable = true;
- environmentFile = "/run/secrets/hostapd.env";
- interfaces = {
- "wls1" = {
- countryCode = "CZ";
+ cynerd = {
+ home-assistant = true;
+ wifiAP.spt = {
+ enable = true;
+ qca988x = {
+ interface = "wls1";
channel = 7;
- hwMode = "g";
- ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"];
- ssid = "TurrisRules";
- bridge = "brlan";
- wpa = 2;
- wpaPassphrase = "@PASS_TURRIS_RULES@";
};
};
};
networking = {
vlans = {
- "eth0.2" = {
+ "brlan.guest" = {
id = 2;
- interface = "eth0";
+ interface = "brlan";
};
};
bridges = {
- brlan = {
- interfaces = [
- "eth0"
- "lan1"
- "lan2"
- "lan3"
- "lan4"
- ];
- };
- brguest = {
- interfaces = [
- "eth0.2"
- ];
- };
- };
- interfaces.brlan = {
- ipv4 = {
- addresses = [
- {
- address = config.cynerd.hosts.spt.mox;
- prefixLength = 24;
- }
- ];
- };
+ brlan.interfaces = ["eth0" "lan1" "lan2" "lan3" "lan4"];
+ brguest.interfaces = ["brlan.guest"];
};
+ interfaces.brlan.ipv4.addresses = [
+ {
+ address = config.cynerd.hosts.spt.mox;
+ prefixLength = 24;
+ }
+ ];
defaultGateway = config.cynerd.hosts.spt.omnia;
- nameservers = [config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8"];
- dhcpcd.allowInterfaces = ["brlan"];
+ nameservers = ["1.1.1.1" "8.8.8.8"];
+ dhcpcd.allowInterfaces = [];
};
};
}
diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix
index b504563..32bd9b0 100644
--- a/nixos/machine/spt-mox2.nix
+++ b/nixos/machine/spt-mox2.nix
@@ -6,6 +6,16 @@
}:
with lib; {
config = {
+ cynerd = {
+ wifiAP.spt = {
+ enable = true;
+ qca988x = {
+ interface = "wls1";
+ channel = 7;
+ };
+ };
+ };
+
swapDevices = [
{
device = "/dev/disk/by-partlabel/NixTurrisSwap";
@@ -13,62 +23,26 @@ with lib; {
}
];
- networking.wirelessAP = {
- enable = true;
- environmentFile = "/run/secrets/hostapd.env";
- interfaces = {
- "wls1" = {
- countryCode = "CZ";
- channel = 7;
- hwMode = "g";
- ht_capab = ["LDPC" "HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"];
- ssid = "TurrisRules";
- bridge = "brlan";
- wpa = 2;
- wpaPassphrase = "@PASS_TURRIS_RULES@";
- #bss = {
- # "wlp1s0host" = {
- # ssid = "KocoviGuest";
- # wpa = true;
- # wpaPassphrase = "@PASS_KOCOVI@";
- # };
- #};
- };
- };
- };
-
networking = {
vlans = {
- "eth0.2" = {
+ "brlan.guest" = {
id = 2;
- interface = "eth0";
+ interface = "brlan";
};
};
bridges = {
- brlan = {
- interfaces = [
- "eth0"
- ];
- };
- brguest = {
- interfaces = [
- "eth0.2"
- ];
- };
- };
- interfaces.brlan = {
- ipv4 = {
- addresses = [
- {
- address = config.cynerd.hosts.spt.mox2;
- prefixLength = 24;
- }
- ];
- };
+ brlan.interfaces = ["eth0"];
+ brguest.interfaces = ["brlan.guest"];
};
+ interfaces.brlan.ipv4.addresses = [
+ {
+ address = config.cynerd.hosts.spt.mox;
+ prefixLength = 24;
+ }
+ ];
defaultGateway = config.cynerd.hosts.spt.omnia;
- nameservers = [config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8"];
- dhcpcd.allowInterfaces = ["brlan"];
+ nameservers = ["1.1.1.1" "8.8.8.8"];
+ dhcpcd.allowInterfaces = [];
};
};
}
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index 7d12eef..72221d8 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -9,8 +9,6 @@
cynerd-hosts = import ./hosts.nix;
cynerd-monitoring = import ./monitoring.nix;
cynerd-openvpn = import ./openvpn.nix;
- cynerd-router = import ./router.nix;
cynerd-syncthing = import ./syncthing.nix;
- cynerd-wifi-adm = import ./wifi-adm.nix;
cynerd-wifi-client = import ./wifi-client.nix;
}
diff --git a/nixos/modules/wifi-adm.nix b/nixos/modules/wifi-adm.nix
deleted file mode 100644
index 46476a3..0000000
--- a/nixos/modules/wifi-adm.nix
+++ /dev/null
@@ -1,98 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cnf = config.cynerd.wifiAP.adm;
-
- wOptions = band: channelDefault: {
- interface = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "Specify interface for ${band}";
- };
- channel = mkOption {
- type = types.ints.positive;
- default = channelDefault;
- description = "Channel to be used for ${band} range";
- };
- };
-in {
- options = {
- cynerd.wifiAP.adm = {
- enable = mkEnableOption "Enable Wi-Fi Access Point support";
- w24 = wOptions "2.4GHz" 7;
- w5 = wOptions "5GHz" 36;
- };
- };
-
- config = mkIf cnf.enable {
- networking.wirelessAP = {
- enable = true;
- environmentFile = "/run/secrets/hostapd.env";
- interfaces =
- (optionalAttrs (cnf.w24.interface != null) {
- "${cnf.w24.interface}" = {
- bssid = "@BSSID_W24_0@";
- countryCode = "CZ";
- hwMode = "g";
- channel = cnf.w24.channel;
- ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"];
- ssid = "TurrisAdamkovi";
- wpa = 2;
- wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@";
- bridge = "brlan";
- bss = {
- "wlp3s0.nela" = {
- bssid = "@BSSID_W24_1@";
- ssid = "Nela";
- wpa = 2;
- wpaPassphrase = "@PASS_NELA@";
- bridge = "brguest";
- };
- "wlp3s0.milan" = {
- bssid = "@BSSID_W24_2@";
- ssid = "MILAN-AC";
- wpa = 2;
- wpaPassphrase = "@PASS_MILAN_AC@";
- bridge = "brguest";
- };
- };
- };
- })
- // (optionalAttrs (cnf.w5.interface != null) {
- "${cnf.w5.interface}" = {
- bssid = "@BSSID_W5_0@";
- countryCode = "CZ";
- hwMode = "a";
- channel = cnf.w5.channel;
- ieee80211ac = true;
- ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"];
- vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"];
- ssid = "TurrisAdamkovi5";
- wpa = 2;
- wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@";
- bridge = "brlan";
- bss = {
- "wlp2s0.nela" = {
- bssid = "@BSSID_W5_1@";
- ssid = "Nela5";
- wpa = 2;
- wpaPassphrase = "@PASS_NELA@";
- bridge = "brguest";
- };
- "wlp2s0.milan" = {
- bssid = "@BSSID_W5_2@";
- ssid = "MILAN-AC";
- wpa = 2;
- wpaPassphrase = "@PASS_MILAN_AC@";
- bridge = "brguest";
- };
- };
- };
- });
- };
- };
-}
diff --git a/nixos/routers/default.nix b/nixos/routers/default.nix
new file mode 100644
index 0000000..ab64316
--- /dev/null
+++ b/nixos/routers/default.nix
@@ -0,0 +1,5 @@
+{
+ cynerd-router = import ./router.nix;
+ cynerd-wifi-adm = import ./wifi-adm.nix;
+ cynerd-wifi-spt = import ./wifi-spt.nix;
+}
diff --git a/nixos/modules/router.nix b/nixos/routers/router.nix
index f5c8668..f5c8668 100644
--- a/nixos/modules/router.nix
+++ b/nixos/routers/router.nix
diff --git a/nixos/routers/wifi-adm.nix b/nixos/routers/wifi-adm.nix
new file mode 100644
index 0000000..df334e5
--- /dev/null
+++ b/nixos/routers/wifi-adm.nix
@@ -0,0 +1,97 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
+ cnf = config.cynerd.wifiAP.adm;
+
+ wOptions = card: channelDefault: {
+ interface = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "Specify interface for ${card}";
+ };
+ channel = mkOption {
+ type = types.ints.positive;
+ default = channelDefault;
+ description = "Channel to be used for ${card}";
+ };
+ };
+in {
+ options = {
+ cynerd.wifiAP.adm = {
+ enable = mkEnableOption "Enable Wi-Fi Access Point support";
+ ar9287 = wOptions "Qualcom Atheros AR9287" 7;
+ qca988x = wOptions "Qualcom Atheros QCA988x" 36;
+ };
+ };
+
+ config = mkIf cnf.enable {
+ networking.wirelessAP = {
+ enable = true;
+ environmentFile = "/run/secrets/hostapd.env";
+ interfaces =
+ (optionalAttrs (cnf.ar9287.interface != null) {
+ "${cnf.ar9287.interface}" =
+ wifiAP.qualcomAtherosAR9287 {
+ channel = cnf.ar9287.channel;
+ }
+ // {
+ bssid = "@BSSID_W24_0@";
+ ssid = "TurrisAdamkovi";
+ wpa = 2;
+ wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@";
+ bridge = "brlan";
+ bss = {
+ "${cnf.ar9287.interface}.nela" = {
+ bssid = "@BSSID_W24_1@";
+ ssid = "Nela";
+ wpa = 2;
+ wpaPassphrase = "@PASS_NELA@";
+ bridge = "brguest";
+ };
+ "${cnf.ar9287.interface}.milan" = {
+ bssid = "@BSSID_W24_2@";
+ ssid = "MILAN-AC";
+ wpa = 2;
+ wpaPassphrase = "@PASS_MILAN_AC@";
+ bridge = "brguest";
+ };
+ };
+ };
+ })
+ // (optionalAttrs (cnf.qca988x.interface != null) {
+ "${cnf.qca988x.interface}" =
+ wifiAP.qualcomAtherosQCA988x {
+ channel = cnf.qca988x.channel;
+ }
+ // {
+ bssid = "@BSSID_W5_0@";
+ countryCode = "CZ";
+ ssid = "TurrisAdamkovi5";
+ wpa = 2;
+ wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@";
+ bridge = "brlan";
+ bss = {
+ "${cnf.qca988x.interface}.nela" = {
+ bssid = "@BSSID_W5_1@";
+ ssid = "Nela5";
+ wpa = 2;
+ wpaPassphrase = "@PASS_NELA@";
+ bridge = "brguest";
+ };
+ "${cnf.qca988x.interface}.milan" = {
+ bssid = "@BSSID_W5_2@";
+ ssid = "MILAN-AC";
+ wpa = 2;
+ wpaPassphrase = "@PASS_MILAN_AC@";
+ bridge = "brguest";
+ };
+ };
+ };
+ });
+ };
+ };
+}
diff --git a/nixos/routers/wifi-spt.nix b/nixos/routers/wifi-spt.nix
new file mode 100644
index 0000000..1cbb567
--- /dev/null
+++ b/nixos/routers/wifi-spt.nix
@@ -0,0 +1,83 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
+ cnf = config.cynerd.wifiAP.spt;
+
+ wOptions = card: channelDefault: {
+ interface = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "Specify interface for ${card}";
+ };
+ channel = mkOption {
+ type = types.ints.positive;
+ default = channelDefault;
+ description = "Channel to be used for ${card}";
+ };
+ };
+in {
+ options = {
+ cynerd.wifiAP.spt = {
+ enable = mkEnableOption "Enable Wi-Fi Access Point support";
+ ar9287 = wOptions "Qualcom Atheros AR9287" 7;
+ qca988x = wOptions "Qualcom Atheros QCA988x" 36;
+ };
+ };
+
+ config = mkIf cnf.enable {
+ networking.wirelessAP = {
+ enable = true;
+ environmentFile = "/run/secrets/hostapd.env";
+ interfaces =
+ (optionalAttrs (cnf.ar9287.interface != null) {
+ "${cnf.ar9287.interface}" =
+ wifiAP.qualcomAtherosAR9287 {
+ channel = cnf.ar9287.channel;
+ }
+ // {
+ bssid = "@BSSID_AR9287_0@";
+ ssid = "TurrisRules";
+ wpa = 2;
+ wpaPassphrase = "@PASS_TURRIS_RULES@";
+ bridge = "brlan";
+ bss = {
+ "${cnf.ar9287.interface}.guest" = {
+ bssid = "@BSSID_AR9287_1@";
+ ssid = "Kocovi";
+ wpa = 2;
+ wpaPassphrase = "@PASS_KOCOVI@";
+ bridge = "brguest";
+ };
+ };
+ };
+ })
+ // (optionalAttrs (cnf.qca988x.interface != null) {
+ "${cnf.qca988x.interface}" =
+ wifiAP.qualcomAtherosQCA988x {
+ channel = cnf.qca988x.channel;
+ }
+ // {
+ bssid = "@BSSID_QCA988X_0@";
+ countryCode = "CZ";
+ ssid = "TurrisRules5";
+ wpa = 2;
+ wpaPassphrase = "@PASS_TURRIS_RULES@";
+ bridge = "brlan";
+ bss = {
+ "${cnf.qca988x.interface}.guest" = {
+ bssid = "@BSSID_QCA988X_1@";
+ ssid = "Kocovi";
+ wpa = 2;
+ wpaPassphrase = "@PASS_KOCOVI@";
+ bridge = "brguest";
+ };
+ };
+ };
+ });
+ };
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 19:40:10 +0000