1 files changed, 59 insertions, 98 deletions

diff --git a/nixos/modules/wifi-spt.nix b/nixos/modules/wifi-spt.nix
index d013473..bec093e 100644
--- a/nixos/modules/wifi-spt.nix
+++ b/nixos/modules/wifi-spt.nix
@@ -6,6 +6,61 @@
   inherit (lib) mkOption mkEnableOption types mkIf mkForce mkMerge hostapd elemAt;
   cnf = config.cynerd.wifiAP.spt;
 
+  wifi-networks = name: let
+    is2g = cnf."${name}".channel <= 14;
+  in {
+    "${cnf."${name}".interface}" = {
+      bssid = elemAt cnf."${name}".bssids 0;
+      ssid = "TurrisRules${
+        if is2g
+        then ""
+        else "5"
+      }";
+      authentication = {
+        mode = "wpa2-sha256";
+        wpaPasswordFile = "/run/secrets/hostapd-TurrisRules.pass";
+      };
+      settings = mkIf is2g {
+        ieee80211w = 0;
+        wpa_key_mgmt = mkForce "WPA-PSK"; # force use without sha256
+      };
+    };
+    "${cnf."${name}".interface}.guest" = {
+      bssid = elemAt cnf."${name}".bssids 1;
+      ssid = "Kocovi";
+      authentication = {
+        mode = "wpa2-sha256";
+        wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
+      };
+    };
+  };
+
+  net-networks = name: {
+    "lan-${cnf."${name}".interface}" = {
+      matchConfig = {
+        Name = cnf."${name}".interface;
+        WLANInterfaceType = "ap";
+      };
+      networkConfig.Bridge = "brlan";
+      bridgeVLANs = [
+        {
+          EgressUntagged = 1;
+          PVID = 1;
+        }
+      ];
+    };
+    "lan-${cnf."${name}".interface}-guest" = {
+      matchConfig.Name = "${cnf."${name}".interface}.guest";
+      networkConfig.Bridge = "brlan";
+      bridgeVLANs = [
+        {
+          EgressUntagged = 2;
+          PVID = 2;
+        }
+      ];
+    };
+  };
+
   wOptions = card: channelDefault: {
     interface = mkOption {
       type = with types; nullOr str;
@@ -48,28 +103,7 @@ in {
               enable = true;
               inherit (hostapd.qualcomAtherosAR9287.wifi4) capabilities;
             };
-            networks = {
-              "${cnf.ar9287.interface}" = {
-                bssid = elemAt cnf.ar9287.bssids 0;
-                ssid = "TurrisRules";
-                authentication = {
-                  mode = "wpa2-sha256";
-                  wpaPasswordFile = "/run/secrets/hostapd-TurrisRules.pass";
-                };
-                settings = {
-                  ieee80211w = 0;
-                  wpa_key_mgmt = mkForce "WPA-PSK"; # force use without sha256
-                };
-              };
-              "${cnf.ar9287.interface}.guest" = {
-                bssid = elemAt cnf.ar9287.bssids 1;
-                ssid = "Kocovi";
-                authentication = {
-                  mode = "wpa2-sha256";
-                  wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
-                };
-              };
-            };
+            networks = wifi-networks "ar9287";
           };
         })
         (mkIf (cnf.qca988x.interface != null) {
@@ -90,87 +124,14 @@ in {
               enable = !is2g;
               inherit (hostapd.qualcomAtherosQCA988x.wifi5) capabilities;
             };
-            networks = {
-              "${cnf.qca988x.interface}" = {
-                bssid = elemAt cnf.qca988x.bssids 0;
-                ssid = "TurrisRules${
-                  if is2g
-                  then ""
-                  else "5"
-                }";
-                authentication = {
-                  mode = "wpa2-sha256";
-                  wpaPasswordFile = "/run/secrets/hostapd-TurrisRules.pass";
-                };
-                settings = mkIf is2g {
-                  ieee80211w = 0;
-                  wpa_key_mgmt = mkForce "WPA-PSK"; # force use without sha256
-                };
-              };
-              "${cnf.qca988x.interface}.guest" = {
-                bssid = elemAt cnf.qca988x.bssids 1;
-                ssid = "Kocovi";
-                authentication = {
-                  mode = "wpa2-sha256";
-                  wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
-                };
-              };
-            };
+            networks = wifi-networks "qca988x";
           };
         })
       ];
     };
     systemd.network.networks = mkMerge [
-      (mkIf (cnf.ar9287.interface != null) {
-        "lan-${cnf.ar9287.interface}" = {
-          matchConfig = {
-            Name = cnf.ar9287.interface;
-            WLANInterfaceType = "ap";
-          };
-          networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              EgressUntagged = 1;
-              PVID = 1;
-            }
-          ];
-        };
-        "lan-${cnf.ar9287.interface}-guest" = {
-          matchConfig.Name = "${cnf.ar9287.interface}.guest";
-          networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              EgressUntagged = 2;
-              PVID = 2;
-            }
-          ];
-        };
-      })
-      (mkIf (cnf.qca988x.interface != null) {
-        "lan-${cnf.qca988x.interface}" = {
-          matchConfig = {
-            Name = cnf.qca988x.interface;
-            WLANInterfaceType = "ap";
-          };
-          networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              EgressUntagged = 1;
-              PVID = 1;
-            }
-          ];
-        };
-        "lan-${cnf.qca988x.interface}-guest" = {
-          matchConfig.Name = "${cnf.qca988x.interface}.guest";
-          networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              EgressUntagged = 2;
-              PVID = 2;
-            }
-          ];
-        };
-      })
+      (mkIf (cnf.ar9287.interface != null) (net-networks "ar9287"))
+      (mkIf (cnf.qca988x.interface != null) (net-networks "qca988x"))
     ];
   };
 }