diff options
-rw-r--r-- | flake.lock | 18 | ||||
-rw-r--r-- | nixos/configurations.nix | 4 | ||||
-rw-r--r-- | nixos/default.nix | 9 | ||||
-rw-r--r-- | nixos/machine/adm-omnia.nix | 4 | ||||
-rw-r--r-- | nixos/machine/adm-omnia2.nix | 6 | ||||
-rw-r--r-- | nixos/machine/spt-mox.nix | 60 | ||||
-rw-r--r-- | nixos/machine/spt-mox2.nix | 70 | ||||
-rw-r--r-- | nixos/modules/default.nix | 2 | ||||
-rw-r--r-- | nixos/modules/wifi-adm.nix | 98 | ||||
-rw-r--r-- | nixos/routers/default.nix | 5 | ||||
-rw-r--r-- | nixos/routers/router.nix (renamed from nixos/modules/router.nix) | 0 | ||||
-rw-r--r-- | nixos/routers/wifi-adm.nix | 97 | ||||
-rw-r--r-- | nixos/routers/wifi-spt.nix | 83 |
13 files changed, 247 insertions, 209 deletions
@@ -93,11 +93,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1674221769, - "narHash": "sha256-R96ogn1ZZ9LFnGHzDV+Ns3jAPIwb7FiPBXYUbsJKGms=", + "lastModified": 1674463140, + "narHash": "sha256-l1TXSVuXDa7PJf1js1zSao8XDTxzOCim7HfrTxr7l1g=", "owner": "NixOS", "repo": "nix", - "rev": "04de0dd0b4059c75115c780dae8ddc49a847b0e5", + "rev": "90e630a542c163e4d0fa2fb28bc6e1782e4bd394", "type": "github" }, "original": { @@ -251,8 +251,8 @@ ] }, "locked": { - "lastModified": 1674418452, - "narHash": "sha256-sbvyo/FDdDTe1Vqbu0338cJGeixWq4Uu/HZCLBZtr1U=", + "lastModified": 1674466899, + "narHash": "sha256-3JK5N/n0hz1pLYngi451DIPy+Bo627ceaT+4E9gFDFQ=", "type": "git", "url": "file:///home/cynerd/projects/nixturris" }, @@ -263,11 +263,11 @@ }, "personal-secret": { "locked": { - "lastModified": 1674426375, - "narHash": "sha256-8FrAIKgvw+uMXOKMS6zqN6oTXuY2MN6N1GBxOPaAVj8=", + "lastModified": 1674470859, + "narHash": "sha256-hUGfB9KOwv7q526G0a/2S95vVmzCektir+Ej+udm5fE=", "ref": "refs/heads/master", - "rev": "7b32419d01a30262ac522288f2753f2b8ab5016a", - "revCount": 65, + "rev": "07aa2122b589de2f1cd824201b1bd38beeca0c92", + "revCount": 66, "type": "git", "url": "ssh://git@cynerd.cz/nixos-personal-secret" }, diff --git a/nixos/configurations.nix b/nixos/configurations.nix index 943b59a..6151c0d 100644 --- a/nixos/configurations.nix +++ b/nixos/configurations.nix @@ -99,8 +99,8 @@ with nixpkgs.lib; let ${hostname} = nixturris.lib.nixturrisSystem { nixpkgs = nixpkgs; board = board; - modules = modules hostname; - override.specialArgs = specialArgs; + modules = [self.nixosModules.defaultRouters] ++ modules hostname; + specialArgs = specialArgs; }; }; turrisMoxSystem = turrisSystem "mox"; diff --git a/nixos/default.nix b/nixos/default.nix index 7569de0..2d5ff8e 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,9 +1,12 @@ -self: let - modules = import ./modules; +self: +with builtins; let machines = import ./machine self; + modules = import ./modules; + routers = import ./routers; in modules // machines // { - default = {imports = builtins.attrValues modules;}; + default = {imports = attrValues modules;}; + defaultRouters = {imports = attrValues routers;}; } diff --git a/nixos/machine/adm-omnia.nix b/nixos/machine/adm-omnia.nix index e3a66e1..5fe2127 100644 --- a/nixos/machine/adm-omnia.nix +++ b/nixos/machine/adm-omnia.nix @@ -14,8 +14,8 @@ with lib; { }; wifiAP.adm = { enable = true; - w24.interface = "wlp3s0"; - w5.interface = "wlp2s0"; + ar9287.interface = "wlp3s0"; + qca988x.interface = "wlp2s0"; }; openvpn.oldpersonal = false; }; diff --git a/nixos/machine/adm-omnia2.nix b/nixos/machine/adm-omnia2.nix index ba71e7d..be55d54 100644 --- a/nixos/machine/adm-omnia2.nix +++ b/nixos/machine/adm-omnia2.nix @@ -9,8 +9,8 @@ with lib; { cynerd = { wifiAP.adm = { enable = true; - w24.interface = "wlp3s0"; - w5.interface = "wlp2s0"; + ar9287.interface = "wlp3s0"; + qca988x.interface = "wlp2s0"; }; }; @@ -22,7 +22,7 @@ with lib; { }; }; bridges = { - brlan.interfaces = [ "end2" "lan0" "lan1" "lan2" "lan3" "lan4" ]; + brlan.interfaces = ["end2" "lan0" "lan1" "lan2" "lan3" "lan4"]; brguest.interfaces = ["brlan.guest"]; }; interfaces.brlan.ipv4.addresses = [ diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix index 84029c6..6ca780a 100644 --- a/nixos/machine/spt-mox.nix +++ b/nixos/machine/spt-mox.nix @@ -7,61 +7,37 @@ with builtins; with lib; { config = { - cynerd.home-assistant = true; - - networking.wirelessAP = { - enable = true; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = { - "wls1" = { - countryCode = "CZ"; + cynerd = { + home-assistant = true; + wifiAP.spt = { + enable = true; + qca988x = { + interface = "wls1"; channel = 7; - hwMode = "g"; - ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"]; - ssid = "TurrisRules"; - bridge = "brlan"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_RULES@"; }; }; }; networking = { vlans = { - "eth0.2" = { + "brlan.guest" = { id = 2; - interface = "eth0"; + interface = "brlan"; }; }; bridges = { - brlan = { - interfaces = [ - "eth0" - "lan1" - "lan2" - "lan3" - "lan4" - ]; - }; - brguest = { - interfaces = [ - "eth0.2" - ]; - }; - }; - interfaces.brlan = { - ipv4 = { - addresses = [ - { - address = config.cynerd.hosts.spt.mox; - prefixLength = 24; - } - ]; - }; + brlan.interfaces = ["eth0" "lan1" "lan2" "lan3" "lan4"]; + brguest.interfaces = ["brlan.guest"]; }; + interfaces.brlan.ipv4.addresses = [ + { + address = config.cynerd.hosts.spt.mox; + prefixLength = 24; + } + ]; defaultGateway = config.cynerd.hosts.spt.omnia; - nameservers = [config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8"]; - dhcpcd.allowInterfaces = ["brlan"]; + nameservers = ["1.1.1.1" "8.8.8.8"]; + dhcpcd.allowInterfaces = []; }; }; } diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix index b504563..32bd9b0 100644 --- a/nixos/machine/spt-mox2.nix +++ b/nixos/machine/spt-mox2.nix @@ -6,6 +6,16 @@ }: with lib; { config = { + cynerd = { + wifiAP.spt = { + enable = true; + qca988x = { + interface = "wls1"; + channel = 7; + }; + }; + }; + swapDevices = [ { device = "/dev/disk/by-partlabel/NixTurrisSwap"; @@ -13,62 +23,26 @@ with lib; { } ]; - networking.wirelessAP = { - enable = true; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = { - "wls1" = { - countryCode = "CZ"; - channel = 7; - hwMode = "g"; - ht_capab = ["LDPC" "HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"]; - ssid = "TurrisRules"; - bridge = "brlan"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_RULES@"; - #bss = { - # "wlp1s0host" = { - # ssid = "KocoviGuest"; - # wpa = true; - # wpaPassphrase = "@PASS_KOCOVI@"; - # }; - #}; - }; - }; - }; - networking = { vlans = { - "eth0.2" = { + "brlan.guest" = { id = 2; - interface = "eth0"; + interface = "brlan"; }; }; bridges = { - brlan = { - interfaces = [ - "eth0" - ]; - }; - brguest = { - interfaces = [ - "eth0.2" - ]; - }; - }; - interfaces.brlan = { - ipv4 = { - addresses = [ - { - address = config.cynerd.hosts.spt.mox2; - prefixLength = 24; - } - ]; - }; + brlan.interfaces = ["eth0"]; + brguest.interfaces = ["brlan.guest"]; }; + interfaces.brlan.ipv4.addresses = [ + { + address = config.cynerd.hosts.spt.mox; + prefixLength = 24; + } + ]; defaultGateway = config.cynerd.hosts.spt.omnia; - nameservers = [config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8"]; - dhcpcd.allowInterfaces = ["brlan"]; + nameservers = ["1.1.1.1" "8.8.8.8"]; + dhcpcd.allowInterfaces = []; }; }; } diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix index 7d12eef..72221d8 100644 --- a/nixos/modules/default.nix +++ b/nixos/modules/default.nix @@ -9,8 +9,6 @@ cynerd-hosts = import ./hosts.nix; cynerd-monitoring = import ./monitoring.nix; cynerd-openvpn = import ./openvpn.nix; - cynerd-router = import ./router.nix; cynerd-syncthing = import ./syncthing.nix; - cynerd-wifi-adm = import ./wifi-adm.nix; cynerd-wifi-client = import ./wifi-client.nix; } diff --git a/nixos/modules/wifi-adm.nix b/nixos/modules/wifi-adm.nix deleted file mode 100644 index 46476a3..0000000 --- a/nixos/modules/wifi-adm.nix +++ /dev/null @@ -1,98 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cnf = config.cynerd.wifiAP.adm; - - wOptions = band: channelDefault: { - interface = mkOption { - type = with types; nullOr str; - default = null; - description = "Specify interface for ${band}"; - }; - channel = mkOption { - type = types.ints.positive; - default = channelDefault; - description = "Channel to be used for ${band} range"; - }; - }; -in { - options = { - cynerd.wifiAP.adm = { - enable = mkEnableOption "Enable Wi-Fi Access Point support"; - w24 = wOptions "2.4GHz" 7; - w5 = wOptions "5GHz" 36; - }; - }; - - config = mkIf cnf.enable { - networking.wirelessAP = { - enable = true; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = - (optionalAttrs (cnf.w24.interface != null) { - "${cnf.w24.interface}" = { - bssid = "@BSSID_W24_0@"; - countryCode = "CZ"; - hwMode = "g"; - channel = cnf.w24.channel; - ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"]; - ssid = "TurrisAdamkovi"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; - bridge = "brlan"; - bss = { - "wlp3s0.nela" = { - bssid = "@BSSID_W24_1@"; - ssid = "Nela"; - wpa = 2; - wpaPassphrase = "@PASS_NELA@"; - bridge = "brguest"; - }; - "wlp3s0.milan" = { - bssid = "@BSSID_W24_2@"; - ssid = "MILAN-AC"; - wpa = 2; - wpaPassphrase = "@PASS_MILAN_AC@"; - bridge = "brguest"; - }; - }; - }; - }) - // (optionalAttrs (cnf.w5.interface != null) { - "${cnf.w5.interface}" = { - bssid = "@BSSID_W5_0@"; - countryCode = "CZ"; - hwMode = "a"; - channel = cnf.w5.channel; - ieee80211ac = true; - ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"]; - vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"]; - ssid = "TurrisAdamkovi5"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; - bridge = "brlan"; - bss = { - "wlp2s0.nela" = { - bssid = "@BSSID_W5_1@"; - ssid = "Nela5"; - wpa = 2; - wpaPassphrase = "@PASS_NELA@"; - bridge = "brguest"; - }; - "wlp2s0.milan" = { - bssid = "@BSSID_W5_2@"; - ssid = "MILAN-AC"; - wpa = 2; - wpaPassphrase = "@PASS_MILAN_AC@"; - bridge = "brguest"; - }; - }; - }; - }); - }; - }; -} diff --git a/nixos/routers/default.nix b/nixos/routers/default.nix new file mode 100644 index 0000000..ab64316 --- /dev/null +++ b/nixos/routers/default.nix @@ -0,0 +1,5 @@ +{ + cynerd-router = import ./router.nix; + cynerd-wifi-adm = import ./wifi-adm.nix; + cynerd-wifi-spt = import ./wifi-spt.nix; +} diff --git a/nixos/modules/router.nix b/nixos/routers/router.nix index f5c8668..f5c8668 100644 --- a/nixos/modules/router.nix +++ b/nixos/routers/router.nix diff --git a/nixos/routers/wifi-adm.nix b/nixos/routers/wifi-adm.nix new file mode 100644 index 0000000..df334e5 --- /dev/null +++ b/nixos/routers/wifi-adm.nix @@ -0,0 +1,97 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cnf = config.cynerd.wifiAP.adm; + + wOptions = card: channelDefault: { + interface = mkOption { + type = with types; nullOr str; + default = null; + description = "Specify interface for ${card}"; + }; + channel = mkOption { + type = types.ints.positive; + default = channelDefault; + description = "Channel to be used for ${card}"; + }; + }; +in { + options = { + cynerd.wifiAP.adm = { + enable = mkEnableOption "Enable Wi-Fi Access Point support"; + ar9287 = wOptions "Qualcom Atheros AR9287" 7; + qca988x = wOptions "Qualcom Atheros QCA988x" 36; + }; + }; + + config = mkIf cnf.enable { + networking.wirelessAP = { + enable = true; + environmentFile = "/run/secrets/hostapd.env"; + interfaces = + (optionalAttrs (cnf.ar9287.interface != null) { + "${cnf.ar9287.interface}" = + wifiAP.qualcomAtherosAR9287 { + channel = cnf.ar9287.channel; + } + // { + bssid = "@BSSID_W24_0@"; + ssid = "TurrisAdamkovi"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; + bridge = "brlan"; + bss = { + "${cnf.ar9287.interface}.nela" = { + bssid = "@BSSID_W24_1@"; + ssid = "Nela"; + wpa = 2; + wpaPassphrase = "@PASS_NELA@"; + bridge = "brguest"; + }; + "${cnf.ar9287.interface}.milan" = { + bssid = "@BSSID_W24_2@"; + ssid = "MILAN-AC"; + wpa = 2; + wpaPassphrase = "@PASS_MILAN_AC@"; + bridge = "brguest"; + }; + }; + }; + }) + // (optionalAttrs (cnf.qca988x.interface != null) { + "${cnf.qca988x.interface}" = + wifiAP.qualcomAtherosQCA988x { + channel = cnf.qca988x.channel; + } + // { + bssid = "@BSSID_W5_0@"; + countryCode = "CZ"; + ssid = "TurrisAdamkovi5"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; + bridge = "brlan"; + bss = { + "${cnf.qca988x.interface}.nela" = { + bssid = "@BSSID_W5_1@"; + ssid = "Nela5"; + wpa = 2; + wpaPassphrase = "@PASS_NELA@"; + bridge = "brguest"; + }; + "${cnf.qca988x.interface}.milan" = { + bssid = "@BSSID_W5_2@"; + ssid = "MILAN-AC"; + wpa = 2; + wpaPassphrase = "@PASS_MILAN_AC@"; + bridge = "brguest"; + }; + }; + }; + }); + }; + }; +} diff --git a/nixos/routers/wifi-spt.nix b/nixos/routers/wifi-spt.nix new file mode 100644 index 0000000..1cbb567 --- /dev/null +++ b/nixos/routers/wifi-spt.nix @@ -0,0 +1,83 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cnf = config.cynerd.wifiAP.spt; + + wOptions = card: channelDefault: { + interface = mkOption { + type = with types; nullOr str; + default = null; + description = "Specify interface for ${card}"; + }; + channel = mkOption { + type = types.ints.positive; + default = channelDefault; + description = "Channel to be used for ${card}"; + }; + }; +in { + options = { + cynerd.wifiAP.spt = { + enable = mkEnableOption "Enable Wi-Fi Access Point support"; + ar9287 = wOptions "Qualcom Atheros AR9287" 7; + qca988x = wOptions "Qualcom Atheros QCA988x" 36; + }; + }; + + config = mkIf cnf.enable { + networking.wirelessAP = { + enable = true; + environmentFile = "/run/secrets/hostapd.env"; + interfaces = + (optionalAttrs (cnf.ar9287.interface != null) { + "${cnf.ar9287.interface}" = + wifiAP.qualcomAtherosAR9287 { + channel = cnf.ar9287.channel; + } + // { + bssid = "@BSSID_AR9287_0@"; + ssid = "TurrisRules"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_RULES@"; + bridge = "brlan"; + bss = { + "${cnf.ar9287.interface}.guest" = { + bssid = "@BSSID_AR9287_1@"; + ssid = "Kocovi"; + wpa = 2; + wpaPassphrase = "@PASS_KOCOVI@"; + bridge = "brguest"; + }; + }; + }; + }) + // (optionalAttrs (cnf.qca988x.interface != null) { + "${cnf.qca988x.interface}" = + wifiAP.qualcomAtherosQCA988x { + channel = cnf.qca988x.channel; + } + // { + bssid = "@BSSID_QCA988X_0@"; + countryCode = "CZ"; + ssid = "TurrisRules5"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_RULES@"; + bridge = "brlan"; + bss = { + "${cnf.qca988x.interface}.guest" = { + bssid = "@BSSID_QCA988X_1@"; + ssid = "Kocovi"; + wpa = 2; + wpaPassphrase = "@PASS_KOCOVI@"; + bridge = "brguest"; + }; + }; + }; + }); + }; + }; +} |