{ config, pkgs, lib, ... } : let secrets = import ./ax23-secrets.nix; inherit (pkgs) serviceFns; svc = config.system.service; wirelessConfig = { country_code = "NL"; ssid = "FRITZ!Box 7581 TN"; wpa_passphrase = secrets.wpa_passphrase; auth_algs = 1; # 1=wpa2, 2=wep, 3=both wpa = 2; # 1=wpa, 2=wpa2, 3=both wpa_key_mgmt = "WPA-PSK"; wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?) rsn_pairwise = "CCMP"; # auth for wpa2 wmm_enabled = 1; bridge = "int"; }; in rec { imports = [ ../modules/wlan.nix ../modules/network ../modules/dhcp6c ../modules/ssh ../modules/bridge ../modules/hostapd ]; hostname = "yardbird"; services.hostap = svc.hostapd.build { interface = config.hardware.networkInterfaces.wlan; params = { # b/g/n/ax hw_mode = "g"; channel = "2"; ieee80211n = 1; driver="nl80211"; supported_rates="60 90 120 180 240 360 480 540"; basic_rates="60 120 240"; beacon_int="100"; ht_coex="0"; ht_capab="[LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-7935]"; ap_isolate="1"; bss_load_update_period="60"; chan_util_avg_period="600"; disassoc_low_ack="1"; skip_inactivity_poll="0"; preamble="1"; wmm_enabled="1"; ignore_broadcast_ssid="0"; uapsd_advertisement_enabled="1"; utf8_ssid="1"; multi_ap="0"; auth_algs="1"; wpa="0"; wds_bridge=""; bssid="5c:e9:31:63:90:48"; } // wirelessConfig; }; services.hostap5 = svc.hostapd.build { interface = config.hardware.networkInterfaces.wlan5; params = rec { # a/n/ac/ax hw_mode = "a"; channel = 36; #ht_capab = "[HT40+]"; vht_oper_chwidth = 1; vht_oper_centr_freq_seg0_idx = channel + 6; ieee80211ac = 1; driver="nl80211"; country_code="NL"; ieee80211d="1"; ieee80211h="1"; beacon_int="100"; chanlist="36"; tx_queue_data2_burst="2.0"; #num_global_macaddr=1; ieee80211n="1"; ht_coex="0"; ht_capab="[HT40+][LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-7935]"; #ieee80211ac="1"; #vht_oper_chwidth="1"; #vht_oper_centr_freq_seg0_idx="42"; vht_capab="[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][SU-BEAMFORMER][SU-BEAMFORMEE][MU-BEAMFORMER][MU-BEAMFORMEE][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN][RX-STBC-1][SOUNDING-DIMENSION-2][BF-ANTENNA-2][MAX-MPDU-7991][MAX-A-MPDU-LEN-EXP7]"; ap_isolate="1"; bss_load_update_period="60"; chan_util_avg_period="600"; disassoc_low_ack="1"; skip_inactivity_poll="0"; preamble="1"; wmm_enabled="1"; ignore_broadcast_ssid="0"; uapsd_advertisement_enabled="1"; utf8_ssid="1"; multi_ap="0"; eapol_version="1"; auth_algs="1"; wpa="1"; wpa_pairwise="CCMP TKIP"; wds_bridge=""; wpa_disable_eapol_key_retries="0"; wpa_key_mgmt="WPA-PSK"; bssid="5c:e9:31:63:90:47"; #default_macaddr } // wirelessConfig; }; services.int = svc.network.address.build { interface = svc.bridge.primary.build { ifname = "int"; }; family = "inet"; address = "10.8.0.1"; prefixLength = 16; }; services.bridge = svc.bridge.members.build { primary = services.int; members = with config.hardware.networkInterfaces; [ wlan wlan5 lan1 lan2 lan3 lan4 wan ]; }; services.dhcpc = svc.network.dhcp.client.build { interface = services.int; # don't start DHCP until the hostname is configured, # so it can identify itself to the DHCP server dependencies = [ config.services.hostname ]; }; services.dhcp6c = svc.dhcp6c.client.build { interface = services.int; }; services.sshd = svc.ssh.build { }; users.root = secrets.root; defaultProfile.packages = with pkgs; [ figlet #tcpdump ]; }