From 89a605727649bb4599af04681e40a19bf24e69a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Mon, 23 Jan 2023 21:23:23 +0100 Subject: nixos: improve wifi configuration --- nixos/configurations.nix | 4 +- nixos/default.nix | 9 ++-- nixos/machine/adm-omnia.nix | 4 +- nixos/machine/adm-omnia2.nix | 6 +-- nixos/machine/spt-mox.nix | 60 +++++++-------------- nixos/machine/spt-mox2.nix | 70 ++++++++---------------- nixos/modules/default.nix | 2 - nixos/modules/router.nix | 124 ------------------------------------------- nixos/modules/wifi-adm.nix | 98 ---------------------------------- nixos/routers/default.nix | 5 ++ nixos/routers/router.nix | 124 +++++++++++++++++++++++++++++++++++++++++++ nixos/routers/wifi-adm.nix | 97 +++++++++++++++++++++++++++++++++ nixos/routers/wifi-spt.nix | 83 +++++++++++++++++++++++++++++ 13 files changed, 362 insertions(+), 324 deletions(-) delete mode 100644 nixos/modules/router.nix delete mode 100644 nixos/modules/wifi-adm.nix create mode 100644 nixos/routers/default.nix create mode 100644 nixos/routers/router.nix create mode 100644 nixos/routers/wifi-adm.nix create mode 100644 nixos/routers/wifi-spt.nix (limited to 'nixos') diff --git a/nixos/configurations.nix b/nixos/configurations.nix index 943b59a..6151c0d 100644 --- a/nixos/configurations.nix +++ b/nixos/configurations.nix @@ -99,8 +99,8 @@ with nixpkgs.lib; let ${hostname} = nixturris.lib.nixturrisSystem { nixpkgs = nixpkgs; board = board; - modules = modules hostname; - override.specialArgs = specialArgs; + modules = [self.nixosModules.defaultRouters] ++ modules hostname; + specialArgs = specialArgs; }; }; turrisMoxSystem = turrisSystem "mox"; diff --git a/nixos/default.nix b/nixos/default.nix index 7569de0..2d5ff8e 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,9 +1,12 @@ -self: let - modules = import ./modules; +self: +with builtins; let machines = import ./machine self; + modules = import ./modules; + routers = import ./routers; in modules // machines // { - default = {imports = builtins.attrValues modules;}; + default = {imports = attrValues modules;}; + defaultRouters = {imports = attrValues routers;}; } diff --git a/nixos/machine/adm-omnia.nix b/nixos/machine/adm-omnia.nix index e3a66e1..5fe2127 100644 --- a/nixos/machine/adm-omnia.nix +++ b/nixos/machine/adm-omnia.nix @@ -14,8 +14,8 @@ with lib; { }; wifiAP.adm = { enable = true; - w24.interface = "wlp3s0"; - w5.interface = "wlp2s0"; + ar9287.interface = "wlp3s0"; + qca988x.interface = "wlp2s0"; }; openvpn.oldpersonal = false; }; diff --git a/nixos/machine/adm-omnia2.nix b/nixos/machine/adm-omnia2.nix index ba71e7d..be55d54 100644 --- a/nixos/machine/adm-omnia2.nix +++ b/nixos/machine/adm-omnia2.nix @@ -9,8 +9,8 @@ with lib; { cynerd = { wifiAP.adm = { enable = true; - w24.interface = "wlp3s0"; - w5.interface = "wlp2s0"; + ar9287.interface = "wlp3s0"; + qca988x.interface = "wlp2s0"; }; }; @@ -22,7 +22,7 @@ with lib; { }; }; bridges = { - brlan.interfaces = [ "end2" "lan0" "lan1" "lan2" "lan3" "lan4" ]; + brlan.interfaces = ["end2" "lan0" "lan1" "lan2" "lan3" "lan4"]; brguest.interfaces = ["brlan.guest"]; }; interfaces.brlan.ipv4.addresses = [ diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix index 84029c6..6ca780a 100644 --- a/nixos/machine/spt-mox.nix +++ b/nixos/machine/spt-mox.nix @@ -7,61 +7,37 @@ with builtins; with lib; { config = { - cynerd.home-assistant = true; - - networking.wirelessAP = { - enable = true; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = { - "wls1" = { - countryCode = "CZ"; + cynerd = { + home-assistant = true; + wifiAP.spt = { + enable = true; + qca988x = { + interface = "wls1"; channel = 7; - hwMode = "g"; - ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"]; - ssid = "TurrisRules"; - bridge = "brlan"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_RULES@"; }; }; }; networking = { vlans = { - "eth0.2" = { + "brlan.guest" = { id = 2; - interface = "eth0"; + interface = "brlan"; }; }; bridges = { - brlan = { - interfaces = [ - "eth0" - "lan1" - "lan2" - "lan3" - "lan4" - ]; - }; - brguest = { - interfaces = [ - "eth0.2" - ]; - }; - }; - interfaces.brlan = { - ipv4 = { - addresses = [ - { - address = config.cynerd.hosts.spt.mox; - prefixLength = 24; - } - ]; - }; + brlan.interfaces = ["eth0" "lan1" "lan2" "lan3" "lan4"]; + brguest.interfaces = ["brlan.guest"]; }; + interfaces.brlan.ipv4.addresses = [ + { + address = config.cynerd.hosts.spt.mox; + prefixLength = 24; + } + ]; defaultGateway = config.cynerd.hosts.spt.omnia; - nameservers = [config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8"]; - dhcpcd.allowInterfaces = ["brlan"]; + nameservers = ["1.1.1.1" "8.8.8.8"]; + dhcpcd.allowInterfaces = []; }; }; } diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix index b504563..32bd9b0 100644 --- a/nixos/machine/spt-mox2.nix +++ b/nixos/machine/spt-mox2.nix @@ -6,6 +6,16 @@ }: with lib; { config = { + cynerd = { + wifiAP.spt = { + enable = true; + qca988x = { + interface = "wls1"; + channel = 7; + }; + }; + }; + swapDevices = [ { device = "/dev/disk/by-partlabel/NixTurrisSwap"; @@ -13,62 +23,26 @@ with lib; { } ]; - networking.wirelessAP = { - enable = true; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = { - "wls1" = { - countryCode = "CZ"; - channel = 7; - hwMode = "g"; - ht_capab = ["LDPC" "HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"]; - ssid = "TurrisRules"; - bridge = "brlan"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_RULES@"; - #bss = { - # "wlp1s0host" = { - # ssid = "KocoviGuest"; - # wpa = true; - # wpaPassphrase = "@PASS_KOCOVI@"; - # }; - #}; - }; - }; - }; - networking = { vlans = { - "eth0.2" = { + "brlan.guest" = { id = 2; - interface = "eth0"; + interface = "brlan"; }; }; bridges = { - brlan = { - interfaces = [ - "eth0" - ]; - }; - brguest = { - interfaces = [ - "eth0.2" - ]; - }; - }; - interfaces.brlan = { - ipv4 = { - addresses = [ - { - address = config.cynerd.hosts.spt.mox2; - prefixLength = 24; - } - ]; - }; + brlan.interfaces = ["eth0"]; + brguest.interfaces = ["brlan.guest"]; }; + interfaces.brlan.ipv4.addresses = [ + { + address = config.cynerd.hosts.spt.mox; + prefixLength = 24; + } + ]; defaultGateway = config.cynerd.hosts.spt.omnia; - nameservers = [config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8"]; - dhcpcd.allowInterfaces = ["brlan"]; + nameservers = ["1.1.1.1" "8.8.8.8"]; + dhcpcd.allowInterfaces = []; }; }; } diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix index 7d12eef..72221d8 100644 --- a/nixos/modules/default.nix +++ b/nixos/modules/default.nix @@ -9,8 +9,6 @@ cynerd-hosts = import ./hosts.nix; cynerd-monitoring = import ./monitoring.nix; cynerd-openvpn = import ./openvpn.nix; - cynerd-router = import ./router.nix; cynerd-syncthing = import ./syncthing.nix; - cynerd-wifi-adm = import ./wifi-adm.nix; cynerd-wifi-client = import ./wifi-client.nix; } diff --git a/nixos/modules/router.nix b/nixos/modules/router.nix deleted file mode 100644 index f5c8668..0000000 --- a/nixos/modules/router.nix +++ /dev/null @@ -1,124 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cnf = config.cynerd.router; -in { - options = { - cynerd.router = { - enable = mkOption { - type = types.bool; - default = false; - description = "Enable router support"; - }; - wan = mkOption { - type = types.str; - description = "Interface for the router's WAN"; - }; - lanIP = mkOption { - type = types.str; - description = "LAN IP address"; - }; - dynIPStart = mkOption { - type = types.ints.between 0 256; - default = 100; - description = "Offset for the dynamic IPv4 addresses"; - }; - dynIPCount = mkOption { - type = types.ints.between 0 256; - default = 100; - description = "Number of dynamically assigned IPv4 addresses"; - }; - lanPrefix = mkOption { - type = types.ints.between 0 32; - default = 24; - description = "LAN IP network prefix length"; - }; - }; - }; - - config = mkIf cnf.enable { - networking = { - interfaces = { - brlan.ipv4.addresses = [ - { - address = cnf.lanIP; - prefixLength = cnf.lanPrefix; - } - ]; - brguest.ipv4.addresses = [ - { - address = "192.168.1.1"; - prefixLength = 24; - } - ]; - }; - vlans = { - "brlan.guest" = { - interface = "brlan"; - id = 100; - }; - }; - bridges = { - brlan.interfaces = []; - brguest.interfaces = ["brlan.guest"]; - }; - nat = { - enable = true; - externalInterface = cnf.wan; - internalInterfaces = ["brlan" "brguest"]; - }; - dhcpcd.allowInterfaces = [cnf.wan]; - nameservers = ["1.1.1.1" "8.8.8.8"]; - }; - - services.dhcpd4 = { - enable = true; - authoritative = true; - interfaces = ["brlan" "brguest"]; - extraConfig = '' - option domain-name-servers 1.1.1.1, 8.8.8.8; - subnet ${ipv4.prefix2ip cnf.lanIP cnf.lanPrefix} netmask ${ipv4.prefix2netmask cnf.lanPrefix} { - range ${ - ipv4.ipAdd cnf.lanIP cnf.lanPrefix cnf.dynIPStart - } ${ - ipv4.ipAdd cnf.lanIP cnf.lanPrefix (cnf.dynIPStart + cnf.dynIPCount) - }; - option routers ${cnf.lanIP}; - option subnet-mask ${ipv4.prefix2netmask cnf.lanPrefix}; - option broadcast-address ${ipv4.prefix2broadcast cnf.lanIP cnf.lanPrefix}; - } - subnet 192.168.1.0 netmask 255.255.255.0 { - range 192.168.1.50 192.168.1.254; - option routers 192.168.1.1; - option subnet-mask 255.255.255.0; - option broadcast-address 192.168.1.255; - } - ''; - }; - - services.dhcpd6 = { - # TODO - enable = false; - authoritative = true; - interfaces = ["brlan"]; - extraConfig = '' - ''; - }; - - services.kresd = { - enable = false; - }; - - networking.nftables.enable = true; - networking.firewall = { - filterForward = true; - extraForwardRules = '' - iifname "brguest" oifname != "${cnf.wan}" drop comment "prevent guest to access lan" - ''; - }; - }; -} diff --git a/nixos/modules/wifi-adm.nix b/nixos/modules/wifi-adm.nix deleted file mode 100644 index 46476a3..0000000 --- a/nixos/modules/wifi-adm.nix +++ /dev/null @@ -1,98 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cnf = config.cynerd.wifiAP.adm; - - wOptions = band: channelDefault: { - interface = mkOption { - type = with types; nullOr str; - default = null; - description = "Specify interface for ${band}"; - }; - channel = mkOption { - type = types.ints.positive; - default = channelDefault; - description = "Channel to be used for ${band} range"; - }; - }; -in { - options = { - cynerd.wifiAP.adm = { - enable = mkEnableOption "Enable Wi-Fi Access Point support"; - w24 = wOptions "2.4GHz" 7; - w5 = wOptions "5GHz" 36; - }; - }; - - config = mkIf cnf.enable { - networking.wirelessAP = { - enable = true; - environmentFile = "/run/secrets/hostapd.env"; - interfaces = - (optionalAttrs (cnf.w24.interface != null) { - "${cnf.w24.interface}" = { - bssid = "@BSSID_W24_0@"; - countryCode = "CZ"; - hwMode = "g"; - channel = cnf.w24.channel; - ht_capab = ["HT40+" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "DSSS_CCK-40"]; - ssid = "TurrisAdamkovi"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; - bridge = "brlan"; - bss = { - "wlp3s0.nela" = { - bssid = "@BSSID_W24_1@"; - ssid = "Nela"; - wpa = 2; - wpaPassphrase = "@PASS_NELA@"; - bridge = "brguest"; - }; - "wlp3s0.milan" = { - bssid = "@BSSID_W24_2@"; - ssid = "MILAN-AC"; - wpa = 2; - wpaPassphrase = "@PASS_MILAN_AC@"; - bridge = "brguest"; - }; - }; - }; - }) - // (optionalAttrs (cnf.w5.interface != null) { - "${cnf.w5.interface}" = { - bssid = "@BSSID_W5_0@"; - countryCode = "CZ"; - hwMode = "a"; - channel = cnf.w5.channel; - ieee80211ac = true; - ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"]; - vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"]; - ssid = "TurrisAdamkovi5"; - wpa = 2; - wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; - bridge = "brlan"; - bss = { - "wlp2s0.nela" = { - bssid = "@BSSID_W5_1@"; - ssid = "Nela5"; - wpa = 2; - wpaPassphrase = "@PASS_NELA@"; - bridge = "brguest"; - }; - "wlp2s0.milan" = { - bssid = "@BSSID_W5_2@"; - ssid = "MILAN-AC"; - wpa = 2; - wpaPassphrase = "@PASS_MILAN_AC@"; - bridge = "brguest"; - }; - }; - }; - }); - }; - }; -} diff --git a/nixos/routers/default.nix b/nixos/routers/default.nix new file mode 100644 index 0000000..ab64316 --- /dev/null +++ b/nixos/routers/default.nix @@ -0,0 +1,5 @@ +{ + cynerd-router = import ./router.nix; + cynerd-wifi-adm = import ./wifi-adm.nix; + cynerd-wifi-spt = import ./wifi-spt.nix; +} diff --git a/nixos/routers/router.nix b/nixos/routers/router.nix new file mode 100644 index 0000000..f5c8668 --- /dev/null +++ b/nixos/routers/router.nix @@ -0,0 +1,124 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cnf = config.cynerd.router; +in { + options = { + cynerd.router = { + enable = mkOption { + type = types.bool; + default = false; + description = "Enable router support"; + }; + wan = mkOption { + type = types.str; + description = "Interface for the router's WAN"; + }; + lanIP = mkOption { + type = types.str; + description = "LAN IP address"; + }; + dynIPStart = mkOption { + type = types.ints.between 0 256; + default = 100; + description = "Offset for the dynamic IPv4 addresses"; + }; + dynIPCount = mkOption { + type = types.ints.between 0 256; + default = 100; + description = "Number of dynamically assigned IPv4 addresses"; + }; + lanPrefix = mkOption { + type = types.ints.between 0 32; + default = 24; + description = "LAN IP network prefix length"; + }; + }; + }; + + config = mkIf cnf.enable { + networking = { + interfaces = { + brlan.ipv4.addresses = [ + { + address = cnf.lanIP; + prefixLength = cnf.lanPrefix; + } + ]; + brguest.ipv4.addresses = [ + { + address = "192.168.1.1"; + prefixLength = 24; + } + ]; + }; + vlans = { + "brlan.guest" = { + interface = "brlan"; + id = 100; + }; + }; + bridges = { + brlan.interfaces = []; + brguest.interfaces = ["brlan.guest"]; + }; + nat = { + enable = true; + externalInterface = cnf.wan; + internalInterfaces = ["brlan" "brguest"]; + }; + dhcpcd.allowInterfaces = [cnf.wan]; + nameservers = ["1.1.1.1" "8.8.8.8"]; + }; + + services.dhcpd4 = { + enable = true; + authoritative = true; + interfaces = ["brlan" "brguest"]; + extraConfig = '' + option domain-name-servers 1.1.1.1, 8.8.8.8; + subnet ${ipv4.prefix2ip cnf.lanIP cnf.lanPrefix} netmask ${ipv4.prefix2netmask cnf.lanPrefix} { + range ${ + ipv4.ipAdd cnf.lanIP cnf.lanPrefix cnf.dynIPStart + } ${ + ipv4.ipAdd cnf.lanIP cnf.lanPrefix (cnf.dynIPStart + cnf.dynIPCount) + }; + option routers ${cnf.lanIP}; + option subnet-mask ${ipv4.prefix2netmask cnf.lanPrefix}; + option broadcast-address ${ipv4.prefix2broadcast cnf.lanIP cnf.lanPrefix}; + } + subnet 192.168.1.0 netmask 255.255.255.0 { + range 192.168.1.50 192.168.1.254; + option routers 192.168.1.1; + option subnet-mask 255.255.255.0; + option broadcast-address 192.168.1.255; + } + ''; + }; + + services.dhcpd6 = { + # TODO + enable = false; + authoritative = true; + interfaces = ["brlan"]; + extraConfig = '' + ''; + }; + + services.kresd = { + enable = false; + }; + + networking.nftables.enable = true; + networking.firewall = { + filterForward = true; + extraForwardRules = '' + iifname "brguest" oifname != "${cnf.wan}" drop comment "prevent guest to access lan" + ''; + }; + }; +} diff --git a/nixos/routers/wifi-adm.nix b/nixos/routers/wifi-adm.nix new file mode 100644 index 0000000..df334e5 --- /dev/null +++ b/nixos/routers/wifi-adm.nix @@ -0,0 +1,97 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cnf = config.cynerd.wifiAP.adm; + + wOptions = card: channelDefault: { + interface = mkOption { + type = with types; nullOr str; + default = null; + description = "Specify interface for ${card}"; + }; + channel = mkOption { + type = types.ints.positive; + default = channelDefault; + description = "Channel to be used for ${card}"; + }; + }; +in { + options = { + cynerd.wifiAP.adm = { + enable = mkEnableOption "Enable Wi-Fi Access Point support"; + ar9287 = wOptions "Qualcom Atheros AR9287" 7; + qca988x = wOptions "Qualcom Atheros QCA988x" 36; + }; + }; + + config = mkIf cnf.enable { + networking.wirelessAP = { + enable = true; + environmentFile = "/run/secrets/hostapd.env"; + interfaces = + (optionalAttrs (cnf.ar9287.interface != null) { + "${cnf.ar9287.interface}" = + wifiAP.qualcomAtherosAR9287 { + channel = cnf.ar9287.channel; + } + // { + bssid = "@BSSID_W24_0@"; + ssid = "TurrisAdamkovi"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; + bridge = "brlan"; + bss = { + "${cnf.ar9287.interface}.nela" = { + bssid = "@BSSID_W24_1@"; + ssid = "Nela"; + wpa = 2; + wpaPassphrase = "@PASS_NELA@"; + bridge = "brguest"; + }; + "${cnf.ar9287.interface}.milan" = { + bssid = "@BSSID_W24_2@"; + ssid = "MILAN-AC"; + wpa = 2; + wpaPassphrase = "@PASS_MILAN_AC@"; + bridge = "brguest"; + }; + }; + }; + }) + // (optionalAttrs (cnf.qca988x.interface != null) { + "${cnf.qca988x.interface}" = + wifiAP.qualcomAtherosQCA988x { + channel = cnf.qca988x.channel; + } + // { + bssid = "@BSSID_W5_0@"; + countryCode = "CZ"; + ssid = "TurrisAdamkovi5"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_ADAMKOVI@"; + bridge = "brlan"; + bss = { + "${cnf.qca988x.interface}.nela" = { + bssid = "@BSSID_W5_1@"; + ssid = "Nela5"; + wpa = 2; + wpaPassphrase = "@PASS_NELA@"; + bridge = "brguest"; + }; + "${cnf.qca988x.interface}.milan" = { + bssid = "@BSSID_W5_2@"; + ssid = "MILAN-AC"; + wpa = 2; + wpaPassphrase = "@PASS_MILAN_AC@"; + bridge = "brguest"; + }; + }; + }; + }); + }; + }; +} diff --git a/nixos/routers/wifi-spt.nix b/nixos/routers/wifi-spt.nix new file mode 100644 index 0000000..1cbb567 --- /dev/null +++ b/nixos/routers/wifi-spt.nix @@ -0,0 +1,83 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cnf = config.cynerd.wifiAP.spt; + + wOptions = card: channelDefault: { + interface = mkOption { + type = with types; nullOr str; + default = null; + description = "Specify interface for ${card}"; + }; + channel = mkOption { + type = types.ints.positive; + default = channelDefault; + description = "Channel to be used for ${card}"; + }; + }; +in { + options = { + cynerd.wifiAP.spt = { + enable = mkEnableOption "Enable Wi-Fi Access Point support"; + ar9287 = wOptions "Qualcom Atheros AR9287" 7; + qca988x = wOptions "Qualcom Atheros QCA988x" 36; + }; + }; + + config = mkIf cnf.enable { + networking.wirelessAP = { + enable = true; + environmentFile = "/run/secrets/hostapd.env"; + interfaces = + (optionalAttrs (cnf.ar9287.interface != null) { + "${cnf.ar9287.interface}" = + wifiAP.qualcomAtherosAR9287 { + channel = cnf.ar9287.channel; + } + // { + bssid = "@BSSID_AR9287_0@"; + ssid = "TurrisRules"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_RULES@"; + bridge = "brlan"; + bss = { + "${cnf.ar9287.interface}.guest" = { + bssid = "@BSSID_AR9287_1@"; + ssid = "Kocovi"; + wpa = 2; + wpaPassphrase = "@PASS_KOCOVI@"; + bridge = "brguest"; + }; + }; + }; + }) + // (optionalAttrs (cnf.qca988x.interface != null) { + "${cnf.qca988x.interface}" = + wifiAP.qualcomAtherosQCA988x { + channel = cnf.qca988x.channel; + } + // { + bssid = "@BSSID_QCA988X_0@"; + countryCode = "CZ"; + ssid = "TurrisRules5"; + wpa = 2; + wpaPassphrase = "@PASS_TURRIS_RULES@"; + bridge = "brlan"; + bss = { + "${cnf.qca988x.interface}.guest" = { + bssid = "@BSSID_QCA988X_1@"; + ssid = "Kocovi"; + wpa = 2; + wpaPassphrase = "@PASS_KOCOVI@"; + bridge = "brguest"; + }; + }; + }; + }); + }; + }; +} -- cgit v1.2.3