| 1 Nov 2025 |
 crushing-smite | Here:
{
config,
lib,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./wireless.nix
];
boot.kernelParams = [
"console=ttyS0,115200"
"console=tty1"
];
networking.wireless = {
enable = true;
interfaces = [ "wlan0" ];
networks = {
"UpstreamRouter" = {
psk = "UpstreamRouterPassword";
};
};
};
networking.networkmanager.enable = false;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
systemd.network.wait-online.enable = false;
services.openssh = {
enable = true;
settings.PasswordAuthentication = true;
settings.PermitRootLogin = "yes";
settings.KbdInteractiveAuthentication = true;
settings.X11Forwarding = true;
};
networking.firewall = {
checkReversePath = "loose";
};
networking.firewall.interfaces.br0.allowedUDPPorts = [ 67 22 ];
networking.firewall.interfaces.br0.allowedTCPPorts = [ 67 22 ];
environment.systemPackages = with pkgs; [
nmap
wireguard-tools
wget
du-dust
bat
git
curl
vim
htop
tree
xorg.xauth
xclip
wavemon
nettools
];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
networking.nat = {
enable = true;
externalInterface = "wlp0s20f0u7i3";
internalInterfaces = ["br0"];
};
systemd.network.enable = true;
systemd.network = {
netdevs = {
"20-br0" = {
netdevConfig = {
Kind = "bridge";
Name = "br0";
};
};
};
networks = {
"05-wlan-usb" = {
matchConfig.MACAddress = "00:c0:ca:b7:8c:b4";
DHCP = "yes";
dhcpV4Config = {
RouteMetric = 100;
};
networkConfig = {
IgnoreCarrierLoss = "10s";
};
};
"10-enp1s0" = {
matchConfig.Name = "enp1s0";
linkConfig.RequiredForOnline = "no";
DHCP = "yes";
dhcpV4Config = {
RouteMetric = 200;
};
};
"30-enp2s0" = {
matchConfig.Name = "enp2s0";
networkConfig.Bridge = "br0";
linkConfig.RequiredForOnline = "no";
DHCP = "no";
};
"30-enp3s0" = {
matchConfig.Name = "enp3s0";
networkConfig.Bridge = "br0";
linkConfig.RequiredForOnline = "no";
DHCP = "no";
};
"30-enp4s0" = {
matchConfig.Name = "enp4s0";
networkConfig.Bridge = "br0";
linkConfig.RequiredForOnline = "no";
DHCP = "no";
};
"40-br0" = {
matchConfig.Name ="br0";
networkConfig = {
DHCPServer = "yes";
IPMasquerade = "ipv4";
};
address = [ "192.168.200.1/24" ];
dhcpServerConfig = {
EmitDNS = "yes";
DNS = "1.1.1.1";
};
bridgeConfig = {};
linkConfig = {
RequiredForOnline = "no";
};
};
};
};
system.stateVersion = "23.11";
}
| 22:07:06 |
| crushing-smite | * Here:
{
config,
lib,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./wireless.nix
];
boot.kernelParams = [
"console=ttyS0,115200"
"console=tty1"
];
networking.wireless = {
enable = true;
interfaces = [ "wlan0" ];
networks = {
"UpstreamRouter" = {
psk = "UpstreamRouterPassword";
};
};
};
networking.networkmanager.enable = false;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
systemd.network.wait-online.enable = false;
services.openssh = {
enable = true;
settings.PasswordAuthentication = true;
settings.PermitRootLogin = "yes";
settings.KbdInteractiveAuthentication = true;
settings.X11Forwarding = true;
};
networking.firewall = {
checkReversePath = "loose";
};
networking.firewall.interfaces.br0.allowedUDPPorts = [ 67 22 ];
networking.firewall.interfaces.br0.allowedTCPPorts = [ 67 22 ];
environment.systemPackages = with pkgs; [
nmap
wireguard-tools
wget
du-dust
bat
git
curl
vim
htop
tree
xorg.xauth
xclip
wavemon
nettools
];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
networking.nat = {
enable = true;
externalInterface = "wlp0s20f0u7i3";
internalInterfaces = ["br0"];
};
systemd.network.enable = true;
systemd.network = {
netdevs = {
"20-br0" = {
netdevConfig = {
Kind = "bridge";
Name = "br0";
};
};
};
networks = {
"05-wlan-usb" = {
matchConfig.MACAddress = "00:c0:ca:b7:8c:b4";
DHCP = "yes";
dhcpV4Config = {
RouteMetric = 100;
};
networkConfig = {
IgnoreCarrierLoss = "10s";
};
};
"10-enp1s0" = {
matchConfig.Name = "enp1s0";
linkConfig.RequiredForOnline = "no";
DHCP = "yes";
dhcpV4Config = {
RouteMetric = 200;
};
};
"30-enp2s0" = {
matchConfig.Name = "enp2s0";
networkConfig.Bridge = "br0";
linkConfig.RequiredForOnline = "no";
DHCP = "no";
};
"30-enp3s0" = {
matchConfig.Name = "enp3s0";
networkConfig.Bridge = "br0";
linkConfig.RequiredForOnline = "no";
DHCP = "no";
};
"30-enp4s0" = {
matchConfig.Name = "enp4s0";
networkConfig.Bridge = "br0";
linkConfig.RequiredForOnline = "no";
DHCP = "no";
};
"40-br0" = {
matchConfig.Name ="br0";
networkConfig = {
DHCPServer = "yes";
IPMasquerade = "ipv4";
};
address = [ "192.168.200.1/24" ];
dhcpServerConfig = {
EmitDNS = "yes";
DNS = "1.1.1.1";
};
bridgeConfig = {};
linkConfig = {
RequiredForOnline = "no";
};
};
};
};
system.stateVersion = "23.11";
}
| 22:07:12 |
 K900 | There's no hostapd config here? | 22:07:49 |
| crushing-smite | It's in wireless.nix, which is above in the chat, reposting:
{
config,
lib,
pkgs,
...
}: {
boot.extraModprobeConfig = ''
options cfg80211 ieee80211_regdom="DE"
'';
hardware.wirelessRegulatoryDatabase = true;
services.hostapd = {
enable = true;
radios."wlp5s0" = {
wifi5 = {
enable = true;
operatingChannelWidth = "80";
require = true;
};
countryCode = "DE";
channel = 44;
band = "5g";
networks.wlp5s0 = {
logLevel = 0;
ssid = "SsidName";
authentication = {
mode = "wpa2-sha256";
wpaPassword = "password";
enableRecommendedPairwiseCiphers = true;
};
settings = {
bridge = "br0";
beacon_int = 50;
};
};
};
};
}
| 22:08:51 |
| K900 | That does look fairly normal | 22:09:30 |
