2024-01-25 10:23:02 +00:00
|
|
|
{ config, pkgs, lib, ... } :
|
|
|
|
|
let
|
|
|
|
|
inherit (pkgs) serviceFns;
|
|
|
|
|
svc = config.system.service;
|
2024-01-27 19:43:18 +00:00
|
|
|
wirelessConfig = {
|
|
|
|
|
country_code = "NL";
|
|
|
|
|
# TODO
|
|
|
|
|
wpa_passphrase = "ABCD1234";
|
|
|
|
|
auth_algs = 1; # 1=wpa2, 2=wep, 3=both
|
|
|
|
|
wpa = 2; # 1=wpa, 2=wpa2, 3=both
|
|
|
|
|
wpa_key_mgmt = "WPA-PSK";
|
|
|
|
|
wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?)
|
|
|
|
|
rsn_pairwise = "CCMP"; # auth for wpa2
|
|
|
|
|
wmm_enabled = 1;
|
|
|
|
|
};
|
2024-01-25 10:23:02 +00:00
|
|
|
|
|
|
|
|
in rec {
|
|
|
|
|
imports = [
|
2024-01-27 19:43:18 +00:00
|
|
|
../modules/wlan.nix
|
2024-01-25 10:23:02 +00:00
|
|
|
../modules/network
|
|
|
|
|
../modules/ssh
|
2024-01-27 19:43:18 +00:00
|
|
|
../modules/bridge
|
|
|
|
|
../modules/hostapd
|
2024-01-25 10:23:02 +00:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
boot.tftp = {
|
|
|
|
|
# IP addresses to use in the boot monitor when flashing/ booting
|
|
|
|
|
# over TFTP. If you are flashing using the stock firmware's Web UI
|
|
|
|
|
# then these dummy values are fine
|
|
|
|
|
ipaddr = "192.168.0.1"; # my address
|
|
|
|
|
serverip = "192.168.0.5"; # build machine or other tftp server
|
|
|
|
|
};
|
|
|
|
|
|
2024-01-27 19:43:18 +00:00
|
|
|
hostname = "yardbird";
|
|
|
|
|
|
|
|
|
|
services.hostap = svc.hostapd.build {
|
|
|
|
|
interface = config.hardware.networkInterfaces.wlan;
|
|
|
|
|
params = {
|
|
|
|
|
ssid = "liminix";
|
|
|
|
|
hw_mode="g";
|
|
|
|
|
channel = "2";
|
|
|
|
|
ieee80211n = 1;
|
|
|
|
|
} // wirelessConfig;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.hostap5 = svc.hostapd.build {
|
|
|
|
|
interface = config.hardware.networkInterfaces.wlan5;
|
|
|
|
|
params = rec {
|
|
|
|
|
ssid = "liminix_5";
|
|
|
|
|
hw_mode="a";
|
|
|
|
|
channel = 36;
|
|
|
|
|
ht_capab = "[HT40+]";
|
|
|
|
|
vht_oper_chwidth = 1;
|
|
|
|
|
vht_oper_centr_freq_seg0_idx = channel + 6;
|
|
|
|
|
ieee80211ac = 1;
|
|
|
|
|
} // wirelessConfig;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.int = svc.network.address.build {
|
|
|
|
|
interface = svc.bridge.primary.build { ifname = "int"; };
|
|
|
|
|
family = "inet"; address ="10.8.0.1"; prefixLength = 16;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.bridge = svc.bridge.members.build {
|
|
|
|
|
primary = services.int;
|
|
|
|
|
members = with config.hardware.networkInterfaces;
|
|
|
|
|
[ wlan
|
|
|
|
|
wlan5
|
|
|
|
|
lan1
|
|
|
|
|
lan2
|
|
|
|
|
lan3
|
|
|
|
|
lan4
|
|
|
|
|
wan
|
|
|
|
|
];
|
|
|
|
|
};
|
2024-01-25 10:23:02 +00:00
|
|
|
|
|
|
|
|
services.dhcpc = svc.network.dhcp.client.build {
|
2024-01-27 19:43:18 +00:00
|
|
|
interface = config.hardware.networkInterfaces.wan;
|
2024-01-25 10:23:02 +00:00
|
|
|
|
|
|
|
|
# don't start DHCP until the hostname is configured,
|
|
|
|
|
# so it can identify itself to the DHCP server
|
|
|
|
|
dependencies = [ config.services.hostname ];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.sshd = svc.ssh.build { };
|
|
|
|
|
|
|
|
|
|
users.root = {
|
|
|
|
|
# the password is "secret". Use mkpasswd -m sha512crypt to
|
|
|
|
|
# create this hashed password string
|
|
|
|
|
passwd = "$6$y7WZ5hM6l5nriLmo$5AJlmzQZ6WA.7uBC7S8L4o19ESR28Dg25v64/vDvvCN01Ms9QoHeGByj8lGlJ4/b.dbwR9Hq2KXurSnLigt1W1";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
defaultProfile.packages = with pkgs; [
|
|
|
|
|
figlet
|
|
|
|
|
];
|
|
|
|
|
}
|
