From 35733c66454cf0ce153a9730be77d51223397933 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <cynerd@email.cz>
Date: Fri, 16 Feb 2024 00:09:45 +0100
Subject: nixos/spt-omnia: migrate to nixos

---
 flake.lock                  | 231 ++++++++++++++++++++++++++++----------------
 nixos/machine/spt-omnia.nix |  40 ++++----
 nixos/routers/router.nix    | 123 ++++++++++++-----------
 nixos/routers/wifi-spt.nix  | 112 ++++++++++-----------
 4 files changed, 290 insertions(+), 216 deletions(-)

diff --git a/flake.lock b/flake.lock
index 5f5b88f..31aa83e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -8,11 +8,11 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1703433843,
-        "narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
+        "lastModified": 1707830867,
+        "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
         "owner": "ryantm",
         "repo": "agenix",
-        "rev": "417caa847f9383e111d1397039c9d4337d024bf0",
+        "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
         "type": "github"
       },
       "original": {
@@ -65,11 +65,28 @@
         "systems": "systems_9"
       },
       "locked": {
-        "lastModified": 1694529238,
-        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "lastModified": 1681202837,
+        "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "rev": "cfacdce06f30d2b68473a46042957675eebb3401",
+        "type": "github"
+      },
+      "original": {
+        "id": "flake-utils",
+        "type": "indirect"
+      }
+    },
+    "flake-utils_11": {
+      "inputs": {
+        "systems": "systems_10"
+      },
+      "locked": {
+        "lastModified": 1705309234,
+        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
         "type": "github"
       },
       "original": {
@@ -113,11 +130,11 @@
         "systems": "systems_4"
       },
       "locked": {
-        "lastModified": 1701680307,
-        "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
+        "lastModified": 1705309234,
+        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
+        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
         "type": "github"
       },
       "original": {
@@ -126,12 +143,15 @@
       }
     },
     "flake-utils_5": {
+      "inputs": {
+        "systems": "systems_5"
+      },
       "locked": {
-        "lastModified": 1678901627,
-        "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
+        "lastModified": 1705309234,
+        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
+        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
         "type": "github"
       },
       "original": {
@@ -140,15 +160,12 @@
       }
     },
     "flake-utils_6": {
-      "inputs": {
-        "systems": "systems_5"
-      },
       "locked": {
-        "lastModified": 1705309234,
-        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
+        "lastModified": 1678901627,
+        "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
+        "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
         "type": "github"
       },
       "original": {
@@ -178,11 +195,11 @@
         "systems": "systems_7"
       },
       "locked": {
-        "lastModified": 1694529238,
-        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "lastModified": 1705309234,
+        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
         "type": "github"
       },
       "original": {
@@ -195,11 +212,11 @@
         "systems": "systems_8"
       },
       "locked": {
-        "lastModified": 1681202837,
-        "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
+        "lastModified": 1694529238,
+        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "cfacdce06f30d2b68473a46042957675eebb3401",
+        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
         "type": "github"
       },
       "original": {
@@ -213,11 +230,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1706695147,
-        "narHash": "sha256-sS7EYbxsfOwFlzAEJld70+YjcZb7+2U2RyQrZH2gXBs=",
+        "lastModified": 1707918957,
+        "narHash": "sha256-6Ll9RRKKkR2UHReehRcM2kzhO6Rq9kOrRBwwSKgNIfY=",
         "ref": "refs/heads/master",
-        "rev": "3ec187fca17553751e7c996eed996ba24d70760d",
-        "revCount": 3478,
+        "rev": "710a24d16bde5f45a1c767ae870d534f5ddc774a",
+        "revCount": 3501,
         "submodules": true,
         "type": "git",
         "url": "https://gitlab.elektroline.cz/elektroline/flatlineng.git"
@@ -251,8 +268,8 @@
     },
     "libshv": {
       "inputs": {
-        "flake-utils": "flake-utils_8",
-        "nixpkgs": "nixpkgs_8"
+        "flake-utils": "flake-utils_9",
+        "nixpkgs": "nixpkgs_9"
       },
       "locked": {
         "lastModified": 1705505951,
@@ -291,11 +308,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1706182238,
-        "narHash": "sha256-Ti7CerGydU7xyrP/ow85lHsOpf+XMx98kQnPoQCSi1g=",
+        "lastModified": 1707842204,
+        "narHash": "sha256-M+HAq1qWQBi/gywaMZwX0odU+Qb/XeqVeANGKRBDOwU=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "f84eaffc35d1a655e84749228cde19922fcf55f1",
+        "rev": "f1b2f71c86a5b1941d20608db0b1e88a07d31303",
         "type": "github"
       },
       "original": {
@@ -303,6 +320,24 @@
         "type": "indirect"
       }
     },
+    "nixosdeploy": {
+      "inputs": {
+        "flake-utils": "flake-utils_4",
+        "nixpkgs": "nixpkgs_4"
+      },
+      "locked": {
+        "dirtyRev": "e3f3b2aae0944ed05eb28348de26ccb41e54403d-dirty",
+        "dirtyShortRev": "e3f3b2a-dirty",
+        "lastModified": 1706792024,
+        "narHash": "sha256-vXOxR7JlA93FqvIbI3BkOxiQH+swAyzVpsM+Z1MG23M=",
+        "type": "git",
+        "url": "file:///home/cynerd/projects/nixdeploy"
+      },
+      "original": {
+        "type": "git",
+        "url": "file:///home/cynerd/projects/nixdeploy"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1703013332,
@@ -320,6 +355,20 @@
       }
     },
     "nixpkgs_10": {
+      "locked": {
+        "lastModified": 1705566941,
+        "narHash": "sha256-CLNtVRDA8eUPk+bxsCCZtRO0Cp+SpHdn1nNOLoFypLs=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "b06ff4bf8f4ad900fe0c2a61fc2946edc3a84be7",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_11": {
       "locked": {
         "lastModified": 1682109806,
         "narHash": "sha256-d9g7RKNShMLboTWwukM+RObDWWpHKaqTYXB48clBWXI=",
@@ -333,13 +382,13 @@
         "type": "indirect"
       }
     },
-    "nixpkgs_11": {
+    "nixpkgs_12": {
       "locked": {
-        "lastModified": 1696419054,
-        "narHash": "sha256-EdR+dIKCfqL3voZUDYwcvgRDOektQB9KbhBVcE0/3Mo=",
+        "lastModified": 1707877513,
+        "narHash": "sha256-sp0w2apswd3wv0sAEF7StOGHkns3XUQaO5erhWFZWXk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "7131f3c223a2d799568e4b278380cd9dac2b8579",
+        "rev": "89653a03e0915e4a872788d10680e7eec92f8600",
         "type": "github"
       },
       "original": {
@@ -377,40 +426,40 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1706672657,
-        "narHash": "sha256-API05c0SDZrmzz1wpqt/K3iCwlaOqDeDfZGp0YGQnek=",
+        "lastModified": 1707877513,
+        "narHash": "sha256-sp0w2apswd3wv0sAEF7StOGHkns3XUQaO5erhWFZWXk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "632751bf0ceeefc74af7a9d2335ea923ad9c831a",
+        "rev": "89653a03e0915e4a872788d10680e7eec92f8600",
         "type": "github"
       },
       "original": {
         "id": "nixpkgs",
-        "ref": "nixos-unstable-small",
         "type": "indirect"
       }
     },
     "nixpkgs_5": {
       "locked": {
-        "lastModified": 1704811223,
-        "narHash": "sha256-rcXk+mdSHG/Hp5bzTOCPyNXkcwjsxlhfmWg3Qw3gSuE=",
+        "lastModified": 1707885413,
+        "narHash": "sha256-7Syfxjpmh8xBoxvLiGvKF5gNa8+U+5AeGD6/9vIRUno=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "4b0751bbc680ed971f80be370a2874a72f3d42fc",
+        "rev": "4e91cd1c6859a363a34c837a50d97a9fb682fafa",
         "type": "github"
       },
       "original": {
         "id": "nixpkgs",
+        "ref": "nixos-unstable-small",
         "type": "indirect"
       }
     },
     "nixpkgs_6": {
       "locked": {
-        "lastModified": 1678875422,
-        "narHash": "sha256-T3o6NcQPwXjxJMn2shz86Chch4ljXgZn746c2caGxd8=",
+        "lastModified": 1707743206,
+        "narHash": "sha256-AehgH64b28yKobC/DAWYZWkJBxL/vP83vkY+ag2Hhy4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "126f49a01de5b7e35a43fd43f891ecf6d3a51459",
+        "rev": "2d627a2a704708673e56346fcb13d25344b8eaf3",
         "type": "github"
       },
       "original": {
@@ -420,11 +469,11 @@
     },
     "nixpkgs_7": {
       "locked": {
-        "lastModified": 1705566941,
-        "narHash": "sha256-CLNtVRDA8eUPk+bxsCCZtRO0Cp+SpHdn1nNOLoFypLs=",
+        "lastModified": 1678875422,
+        "narHash": "sha256-T3o6NcQPwXjxJMn2shz86Chch4ljXgZn746c2caGxd8=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b06ff4bf8f4ad900fe0c2a61fc2946edc3a84be7",
+        "rev": "126f49a01de5b7e35a43fd43f891ecf6d3a51459",
         "type": "github"
       },
       "original": {
@@ -434,11 +483,11 @@
     },
     "nixpkgs_8": {
       "locked": {
-        "lastModified": 1694948089,
-        "narHash": "sha256-d2B282GmQ9o8klc22/Rbbbj6r99EnELQpOQjWMyv0rU=",
+        "lastModified": 1705566941,
+        "narHash": "sha256-CLNtVRDA8eUPk+bxsCCZtRO0Cp+SpHdn1nNOLoFypLs=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "5148520bfab61f99fd25fb9ff7bfbb50dad3c9db",
+        "rev": "b06ff4bf8f4ad900fe0c2a61fc2946edc3a84be7",
         "type": "github"
       },
       "original": {
@@ -448,11 +497,11 @@
     },
     "nixpkgs_9": {
       "locked": {
-        "lastModified": 1705566941,
-        "narHash": "sha256-CLNtVRDA8eUPk+bxsCCZtRO0Cp+SpHdn1nNOLoFypLs=",
+        "lastModified": 1694948089,
+        "narHash": "sha256-d2B282GmQ9o8klc22/Rbbbj6r99EnELQpOQjWMyv0rU=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b06ff4bf8f4ad900fe0c2a61fc2946edc3a84be7",
+        "rev": "5148520bfab61f99fd25fb9ff7bfbb50dad3c9db",
         "type": "github"
       },
       "original": {
@@ -462,15 +511,15 @@
     },
     "nixturris": {
       "inputs": {
-        "flake-utils": "flake-utils_4",
-        "nixpkgs": "nixpkgs_5"
+        "flake-utils": "flake-utils_5",
+        "nixpkgs": "nixpkgs_6"
       },
       "locked": {
-        "lastModified": 1704961316,
-        "narHash": "sha256-u3yw1WX2ylbvWhcnfWPaDnJbfOJK+hQJIzN4EGE1mpg=",
+        "lastModified": 1707903116,
+        "narHash": "sha256-GXCQCsOP8D6mpPDUDJCyhyfUFFq/SfFxDS0ZS5Qg+0k=",
         "owner": "cynerd",
         "repo": "nixturris",
-        "rev": "b574e22723c7c067f8108f9203844879aa7f3358",
+        "rev": "8551fe9cd3bbf60c0ae8a6835291e3e1bc07280c",
         "type": "gitlab"
       },
       "original": {
@@ -481,11 +530,11 @@
     },
     "personal-secret": {
       "locked": {
-        "lastModified": 1706704967,
-        "narHash": "sha256-21g+CerizfIoMVG9h/idTVh2iqEuIGVy4RqptzCdJcw=",
+        "lastModified": 1707942813,
+        "narHash": "sha256-P4yJViu9SAKrO0htZoBoY7G3+G6QKS3hXPYn80TesmI=",
         "ref": "refs/heads/master",
-        "rev": "352af7c71944eb91a54441fdfc00108d4d3415b1",
-        "revCount": 84,
+        "rev": "f07ae9c8bd6d9186b7cd10ad4f5bb5657128603d",
+        "revCount": 87,
         "type": "git",
         "url": "ssh://git@cynerd.cz/nixos-personal-secret"
       },
@@ -496,9 +545,9 @@
     },
     "pyshv": {
       "inputs": {
-        "flake-utils": "flake-utils_7",
+        "flake-utils": "flake-utils_8",
         "libshv": "libshv",
-        "nixpkgs": "nixpkgs_9"
+        "nixpkgs": "nixpkgs_10"
       },
       "locked": {
         "lastModified": 1705600354,
@@ -521,7 +570,8 @@
         "flatline": "flatline",
         "nixbigclown": "nixbigclown",
         "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_4",
+        "nixosdeploy": "nixosdeploy",
+        "nixpkgs": "nixpkgs_5",
         "nixturris": "nixturris",
         "personal-secret": "personal-secret",
         "shellrc": "shellrc",
@@ -533,8 +583,8 @@
     },
     "shellrc": {
       "inputs": {
-        "flake-utils": "flake-utils_5",
-        "nixpkgs": "nixpkgs_6"
+        "flake-utils": "flake-utils_6",
+        "nixpkgs": "nixpkgs_7"
       },
       "locked": {
         "lastModified": 1701422437,
@@ -552,8 +602,8 @@
     },
     "shvcli": {
       "inputs": {
-        "flake-utils": "flake-utils_6",
-        "nixpkgs": "nixpkgs_7",
+        "flake-utils": "flake-utils_7",
+        "nixpkgs": "nixpkgs_8",
         "pyshv": "pyshv"
       },
       "locked": {
@@ -572,15 +622,15 @@
     },
     "shvspy": {
       "inputs": {
-        "flake-utils": "flake-utils_9",
-        "nixpkgs": "nixpkgs_10"
+        "flake-utils": "flake-utils_10",
+        "nixpkgs": "nixpkgs_11"
       },
       "locked": {
-        "lastModified": 1706565712,
-        "narHash": "sha256-Kof2N/GAvFEL64RShROlzCPKGBxGOJyK/omECaJ2Q+A=",
+        "lastModified": 1706904066,
+        "narHash": "sha256-w0rCOahhT991M+QWdEfhwb88B/juXTr66iauNu2w48s=",
         "ref": "refs/heads/master",
-        "rev": "f49cc9881c099044789e208a232e59492e9dc389",
-        "revCount": 428,
+        "rev": "fa91bbe409a899c8db86de565bf8d7cbba3dba9c",
+        "revCount": 432,
         "submodules": true,
         "type": "git",
         "url": "https://github.com/silicon-heaven/shvspy.git"
@@ -606,6 +656,21 @@
         "type": "github"
       }
     },
+    "systems_10": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "systems_2": {
       "locked": {
         "lastModified": 1681028828,
@@ -728,15 +793,15 @@
     },
     "usbkey": {
       "inputs": {
-        "flake-utils": "flake-utils_10",
-        "nixpkgs": "nixpkgs_11"
+        "flake-utils": "flake-utils_11",
+        "nixpkgs": "nixpkgs_12"
       },
       "locked": {
-        "lastModified": 1696631236,
-        "narHash": "sha256-zWYntwZjYroLLMpO2zmxCvaBiisF2XvBWwQIyek7+n4=",
+        "lastModified": 1707940956,
+        "narHash": "sha256-XUJEkayw/HJlSC1z1pZICju/IA5hx1mgF//ZYHY5QUM=",
         "owner": "cynerd",
         "repo": "usbkey",
-        "rev": "65a86a439a1340539891f83078b01cef0e1172de",
+        "rev": "01e2e4b0435163ce65c07573d2dccbfdcca10c36",
         "type": "gitlab"
       },
       "original": {
diff --git a/nixos/machine/spt-omnia.nix b/nixos/machine/spt-omnia.nix
index 15cabb6..c0a6ec2 100644
--- a/nixos/machine/spt-omnia.nix
+++ b/nixos/machine/spt-omnia.nix
@@ -47,31 +47,35 @@ with lib; {
         };
         "end2.848" = {
           matchConfig.Name = "end2.848";
+          networkConfig.BindCarrier = "end2";
+        };
+        "pppoe-wan" = {
+          matchConfig.Name = "pppoe-wan";
           networkConfig = {
-            BindCarrier = "end2";
-            #DHCP = "ipv6";
-            #IPv6AcceptRA = "yes";
-            #DHCPPrefixDelegation = "yes";
+            BindCarrier = "end2.848";
+            DHCP = "ipv6";
+            IPv6AcceptRA = "yes";
+            DHCPPrefixDelegation = "yes";
+          };
+          dhcpPrefixDelegationConfig = {
+            UplinkInterface = ":self";
+            SubnetId = 0;
+            Announce = "no";
           };
-          #dhcpPrefixDelegationConfig = {
-          #  UplinkInterface = ":self";
-          #  SubnetId = 0;
-          #  Announce = "no";
-          #};
           linkConfig.RequiredForOnline = "routable";
         };
         "lan-brlan" = {
           matchConfig.Name = "lan*";
           networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              bridgeVLANConfig = {
-                EgressUntagged = 1;
-                PVID = 1;
-              };
-            }
-            {bridgeVLANConfig.VLAN = 2;}
-          ];
+          #bridgeVLANs = [
+          #  {
+          #    bridgeVLANConfig = {
+          #      EgressUntagged = 1;
+          #      PVID = 1;
+          #    };
+          #  }
+          #  {bridgeVLANConfig.VLAN = 2;}
+          #];
         };
       };
     };
diff --git a/nixos/routers/router.nix b/nixos/routers/router.nix
index 545f109..a3fc0c1 100644
--- a/nixos/routers/router.nix
+++ b/nixos/routers/router.nix
@@ -45,24 +45,24 @@ in {
       nftables.enable = true;
       firewall = {
         interfaces = {
-          "lan" = {
-            allowedUDPPorts = [53 67 68];
-            allowedTCPPorts = [53];
-          };
-          "guest" = {
+          "brlan" = {
             allowedUDPPorts = [53 67 68];
             allowedTCPPorts = [53];
           };
+          #"guest" = {
+          #  allowedUDPPorts = [53 67 68];
+          #  allowedTCPPorts = [53];
+          #};
         };
         filterForward = true;
-        extraForwardRules = ''
-          iifname "guest" oifname != "${cnf.wan}" drop comment "prevent guest to access lan"
-        '';
+        #extraForwardRules = ''
+        #  iifname "guest" oifname != "${cnf.wan}" drop comment "prevent guest to access brlan"
+        #'';
       };
       nat = {
         enable = true;
         externalInterface = cnf.wan;
-        internalInterfaces = ["lan" "guest"];
+        internalInterfaces = ["brlan"];
       };
     };
 
@@ -73,38 +73,43 @@ in {
             Kind = "bridge";
             Name = "brlan";
           };
-          extraConfig = ''
-            [Bridge]
-            DefaultPVID=none
-            VLANFiltering=yes
-          '';
-        };
-        "lan" = {
-          netdevConfig = {
-            Kind = "vlan";
-            Name = "lan";
-          };
-          vlanConfig.Id = 1;
-        };
-        "guest" = {
-          netdevConfig = {
-            Kind = "vlan";
-            Name = "guest";
-          };
-          vlanConfig.Id = 2;
+          #extraConfig = ''
+          #  [Bridge]
+          #  DefaultPVID=none
+          #  VLANFiltering=yes
+          #'';
         };
+        #"home" = {
+        #  netdevConfig = {
+        #    Kind = "vlan";
+        #    Name = "home";
+        #  };
+        #  vlanConfig.Id = 1;
+        #};
+        #"guest" = {
+        #  netdevConfig = {
+        #    Kind = "vlan";
+        #    Name = "guest";
+        #  };
+        #  vlanConfig.Id = 2;
+        #};
       };
       networks = {
         "brlan" = {
           matchConfig.Name = "brlan";
-          networkConfig.VLAN = ["lan" "guest"];
-          bridgeVLANs = [
-            {bridgeVLANConfig.VLAN = 1;}
-            {bridgeVLANConfig.VLAN = 2;}
-          ];
-        };
-        "lan" = {
-          matchConfig.Name = "lan";
+          #networkConfig.VLAN = ["home"];
+          #bridgeVLANs = [
+          #  {
+          #    bridgeVLANConfig = {
+          #      EgressUntagged = 1;
+          #      PVID = 1;
+          #    };
+          #  }
+          #  {bridgeVLANConfig.VLAN = 2;}
+          #];
+        #};
+        #"home" = {
+          #matchConfig.Name = "home";
           networkConfig = {
             Address = "${cnf.lanIP}/${toString cnf.lanPrefix}";
             IPForward = "yes";
@@ -126,29 +131,29 @@ in {
             Announce = "yes";
           };
         };
-        "guest" = {
-          matchConfig.Name = "guest";
-          networkConfig = {
-            Address = "192.168.1.1/24";
-            IPForward = "yes";
-            DHCPServer = "yes";
-            DHCPPrefixDelegation = "yes";
-            IPv6SendRA = "yes";
-            IPv6AcceptRA = "no";
-          };
-          dhcpServerConfig = {
-            UplinkInterface = cnf.wan;
-            PoolOffset = cnf.dynIPStart;
-            PoolSize = cnf.dynIPCount;
-            EmitDNS = "yes";
-            DNS = "1.1.1.1";
-          };
-          dhcpPrefixDelegationConfig = {
-            UplinkInterface = cnf.wan;
-            SubnetId = 2;
-            Announce = "yes";
-          };
-        };
+        #"guest" = {
+        #  matchConfig.Name = "guest";
+        #  networkConfig = {
+        #    Address = "192.168.1.1/24";
+        #    IPForward = "yes";
+        #    DHCPServer = "yes";
+        #    DHCPPrefixDelegation = "yes";
+        #    IPv6SendRA = "yes";
+        #    IPv6AcceptRA = "no";
+        #  };
+        #  dhcpServerConfig = {
+        #    UplinkInterface = cnf.wan;
+        #    PoolOffset = cnf.dynIPStart;
+        #    PoolSize = cnf.dynIPCount;
+        #    EmitDNS = "yes";
+        #    DNS = "1.1.1.1";
+        #  };
+        #  dhcpPrefixDelegationConfig = {
+        #    UplinkInterface = cnf.wan;
+        #    SubnetId = 2;
+        #    Announce = "yes";
+        #  };
+        #};
       };
       wait-online.anyInterface = true;
     };
diff --git a/nixos/routers/wifi-spt.nix b/nixos/routers/wifi-spt.nix
index 84527fd..0ebcaa1 100644
--- a/nixos/routers/wifi-spt.nix
+++ b/nixos/routers/wifi-spt.nix
@@ -54,14 +54,14 @@ in {
                   wpaPasswordFile = "/run/secrets/hostapd-TurrisRules.pass";
                 };
               };
-              "${cnf.ar9287.interface}.guest" = {
-                bssid = elemAt cnf.ar9287.bssids 1;
-                ssid = "Kocovi";
-                authentication = {
-                  mode = "wpa2-sha256";
-                  wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
-                };
-              };
+              #"${cnf.ar9287.interface}.guest" = {
+              #  bssid = elemAt cnf.ar9287.bssids 1;
+              #  ssid = "Kocovi";
+              #  authentication = {
+              #    mode = "wpa2-sha256";
+              #    wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
+              #  };
+              #};
             };
           };
         }
@@ -96,14 +96,14 @@ in {
                   wpaPasswordFile = "/run/secrets/hostapd-TurrisRules.pass";
                 };
               };
-              "${cnf.qca988x.interface}.guest" = {
-                bssid = elemAt cnf.qca988x.bssids 1;
-                ssid = "Kocovi";
-                authentication = {
-                  mode = "wpa2-sha256";
-                  wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
-                };
-              };
+              #"${cnf.qca988x.interface}.guest" = {
+              #  bssid = elemAt cnf.qca988x.bssids 1;
+              #  ssid = "Kocovi";
+              #  authentication = {
+              #    mode = "wpa2-sha256";
+              #    wpaPasswordFile = "/run/secrets/hostapd-Kocovi.pass";
+              #  };
+              #};
             };
           };
         };
@@ -113,53 +113,53 @@ in {
         "lan-${cnf.ar9287.interface}" = {
           matchConfig.Name = cnf.ar9287.interface;
           networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              bridgeVLANConfig = {
-                EgressUntagged = 1;
-                PVID = 1;
-              };
-            }
-          ];
-        };
-        "lan-${cnf.ar9287.interface}-guest" = {
-          matchConfig.Name = "${cnf.ar9287.interface}.guest";
-          networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              bridgeVLANConfig = {
-                EgressUntagged = 2;
-                PVID = 2;
-              };
-            }
-          ];
+          #bridgeVLANs = [
+          #  {
+          #    bridgeVLANConfig = {
+          #      EgressUntagged = 1;
+          #      PVID = 1;
+          #    };
+          #  }
+          #];
         };
+        #"lan-${cnf.ar9287.interface}-guest" = {
+        #  matchConfig.Name = "${cnf.ar9287.interface}.guest";
+        #  networkConfig.Bridge = "brlan";
+        #  bridgeVLANs = [
+        #    {
+        #      bridgeVLANConfig = {
+        #        EgressUntagged = 2;
+        #        PVID = 2;
+        #      };
+        #    }
+        #  ];
+        #};
       }
       // mkIf (cnf.qca988x.interface != null) {
         "lan-${cnf.qca988x.interface}" = {
           matchConfig.Name = cnf.qca988x.interface;
           networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              bridgeVLANConfig = {
-                EgressUntagged = 1;
-                PVID = 1;
-              };
-            }
-          ];
-        };
-        "lan-${cnf.qca988x.interface}-guest" = {
-          matchConfig.Name = "${cnf.qca988x.interface}.guest";
-          networkConfig.Bridge = "brlan";
-          bridgeVLANs = [
-            {
-              bridgeVLANConfig = {
-                EgressUntagged = 2;
-                PVID = 2;
-              };
-            }
-          ];
+          #bridgeVLANs = [
+          #  {
+          #    bridgeVLANConfig = {
+          #      EgressUntagged = 1;
+          #      PVID = 1;
+          #    };
+          #  }
+          #];
         };
+        #"lan-${cnf.qca988x.interface}-guest" = {
+        #  matchConfig.Name = "${cnf.qca988x.interface}.guest";
+        #  networkConfig.Bridge = "brlan";
+        #  bridgeVLANs = [
+        #    {
+        #      bridgeVLANConfig = {
+        #        EgressUntagged = 2;
+        #        PVID = 2;
+        #      };
+        #    }
+        #  ];
+        #};
       };
   };
 }
-- 
cgit v1.2.3