mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

fix: remve useless hostapd examples, minor fixes

Browse source
This commit is contained in:
oddlama 2023-03-21 00:31:37 +01:00
parent 8088cd67fa
commit 32f1474d3f
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
2 changed files with 5 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/zackbiene/hostapd.nix
View file

@ -14,7 +14,6 @@
enable = true; enable = true;
interfaces = { interfaces = {
"wlan1" = { "wlan1" = {
logLevel = 0;
ssid = "🍯🐝💨"; ssid = "🍯🐝💨";
hwMode = "g"; hwMode = "g";
countryCode = "DE"; countryCode = "DE";

24
modules/hostapd.nix
View file

@ -270,25 +270,13 @@ in {
default = {}; default = {};
example = literalExpression '' example = literalExpression ''
{ {
# WiFi 4 (2.4GHz) # Simple 2.4GHz AP
"wlp2s0" = { "wlp2s0" = {
ssid = "AP 1"; ssid = "AP 1";
# countryCode = "US"; # countryCode = "US";
authentication.saePasswords = [{ password = "a flakey password"; }]; # Use saePasswordsFile if possible. authentication.saePasswords = [{ password = "a flakey password"; }]; # Use saePasswordsFile if possible.
}; };
# Hidden hotspot for IoT devices (MAC ACL list, invisible ssid, isolated traffic)
"wlp3s0" = {
ssid = "IoT Isolated AP";
# countryCode = "US";
macAcl = "deny";
apIsolate = true;
authentication = {
saePasswords = [{ password = "a flakey password"; }]; # Use saePasswordsFile if possible.
saeAddToMacAllow = true;
};
};
# WiFi 5 (5GHz) # WiFi 5 (5GHz)
"wlp4s0" = { "wlp4s0" = {
ssid = "Open AP with WiFi5"; ssid = "Open AP with WiFi5";
@ -775,7 +763,7 @@ in {
wifi5 = { wifi5 = {
enable = mkOption { enable = mkOption {
default = false; default = true;
type = types.bool; type = types.bool;
description = mdDoc "Enables support for IEEE 802.11ac (WiFi 5, VHT)"; description = mdDoc "Enables support for IEEE 802.11ac (WiFi 5, VHT)";
}; };
@ -791,7 +779,7 @@ in {
''; '';
}; };
requireVht = mkOption { require = mkOption {
default = false; default = false;
type = types.bool; type = types.bool;
description = mdDoc "Require stations (clients) to support WiFi 5 (VHT) and disassociate them if they don't."; description = mdDoc "Require stations (clients) to support WiFi 5 (VHT) and disassociate them if they don't.";
@ -815,6 +803,7 @@ in {
wifi6 = { wifi6 = {
enable = mkOption { enable = mkOption {
# TODO Change this once WiFi 6 is enabled in hostapd upstream
default = false; default = false;
type = types.bool; type = types.bool;
description = mdDoc "Enables support for IEEE 802.11ax (WiFi 6, HE)"; description = mdDoc "Enables support for IEEE 802.11ax (WiFi 6, HE)";
@ -862,6 +851,7 @@ in {
wifi7 = { wifi7 = {
enable = mkOption { enable = mkOption {
# FIXME: Change this to true once WiFi 7 is stable
default = false; default = false;
type = types.bool; type = types.bool;
description = mdDoc '' description = mdDoc ''
@ -919,10 +909,6 @@ in {
++ (concatLists (mapAttrsToList (interface: ifcfg: let ++ (concatLists (mapAttrsToList (interface: ifcfg: let
countWpaPasswordDefinitions = count (x: x != null) [ifcfg.authentication.wpaPassword ifcfg.authentication.wpaPasswordFile ifcfg.authentication.wpaPskFile]; countWpaPasswordDefinitions = count (x: x != null) [ifcfg.authentication.wpaPassword ifcfg.authentication.wpaPasswordFile ifcfg.authentication.wpaPskFile];
in [ in [
{
assertion = (ifcfg.wifi5.enable || ifcfg.wifi6.enable || ifcfg.wifi7.enable) -> ifcfg.hwMode == "a";
message = ''hostapd interface ${interface} has enabled WiFi 5 or above, which requires hwMode="a"'';
}
{ {
assertion = ifcfg.authentication.mode == "wpa3-sae" -> ifcfg.managementFrameProtection == "required"; assertion = ifcfg.authentication.mode == "wpa3-sae" -> ifcfg.managementFrameProtection == "required";
message = ''hostapd interface ${interface} uses WPA3-SAE which requires managementFrameProtection="required"''; message = ''hostapd interface ${interface} uses WPA3-SAE which requires managementFrameProtection="required"'';