83 lines
1.6 KiB
Nix
83 lines
1.6 KiB
Nix
{ inputs }:
|
|
{
|
|
config,
|
|
pkgs,
|
|
modulesPath,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
secrets = {
|
|
firewallRules = { };
|
|
}
|
|
// (import ./secrets.nix);
|
|
wirelessConfig = {
|
|
country_code = "TH";
|
|
inherit (secrets) wpa_passphrase;
|
|
wmm_enabled = 1;
|
|
};
|
|
svc = config.system.service;
|
|
in
|
|
{
|
|
imports = [
|
|
"${inputs.liminix}/modules/wlan.nix"
|
|
"${inputs.liminix}/modules/ssh"
|
|
"${modulesPath}/profiles/wap.nix"
|
|
];
|
|
|
|
hostname = "whitehouse2";
|
|
boot = {
|
|
tftp = {
|
|
freeSpaceBytes = 3 * 1024 * 1024;
|
|
serverip = "${secrets.lan.prefix}.149";
|
|
ipaddr = "${secrets.lan.prefix}.252";
|
|
};
|
|
};
|
|
|
|
services.sshd = svc.ssh.build {
|
|
authorizedKeys.root = secrets.root.openssh.authorizedKeys.keys;
|
|
};
|
|
|
|
users.root = secrets.root;
|
|
|
|
profile.wap = {
|
|
interfaces = with config.hardware.networkInterfaces; [
|
|
wan
|
|
lan
|
|
wlan
|
|
wlan5
|
|
];
|
|
|
|
wireless.networks = {
|
|
"${secrets.ssid}" = {
|
|
interface = config.hardware.networkInterfaces.wlan;
|
|
hw_mode = "g";
|
|
channel = "6";
|
|
ieee80211n = 1;
|
|
}
|
|
// wirelessConfig;
|
|
"${secrets.ssid}-5" = rec {
|
|
interface = config.hardware.networkInterfaces.wlan5;
|
|
hw_mode = "a";
|
|
channel = 36;
|
|
ht_capab = "[HT40+]";
|
|
vht_oper_chwidth = 1;
|
|
vht_oper_centr_freq_seg0_idx = channel + 6;
|
|
ieee80211n = 1;
|
|
ieee80211ac = 1;
|
|
}
|
|
// wirelessConfig;
|
|
};
|
|
};
|
|
|
|
system.service.network.forward.enableIPv4 = false;
|
|
system.service.network.forward.enableIPv6 = false;
|
|
|
|
defaultProfile.packages = with pkgs; [
|
|
busybox
|
|
iw
|
|
nftables
|
|
];
|
|
|
|
}
|