From b7dd9f396326ab914897900fbaa1e16a46928adf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <cynerd@email.cz>
Date: Wed, 18 Jan 2023 22:54:54 +0100
Subject: nioxos: 5GHz Wi-Fi

---
 nixos/machine/spt-omnia.nix | 83 ++++++++++++++++++++++++++++++---------------
 1 file changed, 56 insertions(+), 27 deletions(-)

(limited to 'nixos/machine/spt-omnia.nix')

diff --git a/nixos/machine/spt-omnia.nix b/nixos/machine/spt-omnia.nix
index 6db1f7b..0c14e8c 100644
--- a/nixos/machine/spt-omnia.nix
+++ b/nixos/machine/spt-omnia.nix
@@ -7,39 +7,68 @@
 with lib; {
   config = {
     cynerd = {
+      router = {
+        enable = true;
+        wan = "pppoe-wan";
+        lanIP = config.cynerd.hosts.spt.omnia;
+      };
       openvpn.oldpersonal = true;
     };
 
-    networking = {
-      # TODO we need vlan filtering to filter out guest network
-      bridges = {
-        brlan = {
-          interfaces = [
-            "lan0"
-            "lan1"
-            "lan2"
-            "lan3"
-            "lan4"
-          ];
+    networking.vlan."end2.848" = {
+      id = "848";
+      interface = "end2";
+    };
+    # TODO pppd service requires end2.848 interface
+    services.pppd = {
+      enable = true;
+      peers."wan".config = ''
+        plugin pppoe.so end2.848
+        ifname pppoe-wan
+        lcp-echo-interval 1
+        lcp-echo-failure 5
+        lcp-echo-adaptive
+        +ipv6
+        defaultroute
+        defaultroute6
+        usepeerdns
+        maxfail 1
+        user metronet
+        password metronet
+      '';
+    };
+
+    networking.bridges = {
+      brlan.interfaces = ["lan0" "lan1" "lan2" "lan3" "lan4"];
+    };
+
+    networking.wirelessAP = {
+      enable = true;
+      environmentFile = "/run/secrets/hostapd.env";
+      interfaces = {
+        "wlp2s0" = {
+          countryCode = "CZ";
+          hwMode = "a";
+          channel = 36;
+          ieee80211ac = true;
+          ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"];
+          vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"];
+          ssid = "TurrisRules5";
+          wpa = 2;
+          wpaPassphrase = "@PASS_TURRIS_RULES@";
+          bridge = "brlan";
         };
-        #brguest = {
-        #  interfaces = [
-        #    "brlan.2" #"mlan0host" "wlp1s0host"
-        #  ];
-        #};
-      };
-      interfaces.brlan = {
-        ipv4 = {
-          addresses = [
-            {
-              address = config.cynerd.hosts.spt.omnia;
-              prefixLength = 24;
-            }
-          ];
+        "wlp3s0" = {
+          countryCode = "CZ";
+          hwMode = "g";
+          channel = 7;
+          ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"];
+          ssid = "TurrisRules";
+          wpa = 2;
+          wpaPassphrase = "@PASS_TURRIS_RULES@";
+          bridge = "brlan";
         };
       };
-      nameservers = ["127.0.0.1" "1.1.1.1" "8.8.8.8"];
-      dhcpcd.allowInterfaces = ["end2"];
     };
 
     services.syncthing = {
-- 
cgit v1.2.3