| 4 Jun 2021 |
 Alyssa Ross | well, my suggestion is to drop "on your Router!", as I said | 14:55:24 |
 telent | maybe Nix on Routers would make more sense as a separate channel ... though I guess not unless anyone running nix on their routers wants to talk about it | 15:10:15 |
|  hexa changed the room topic to "Declaratively manage your switching, routing, wireless, tunneling and more." from "on your Router! Declaratively manage your switching, routing, wireless, tunneling and more.". | 15:11:46 |
| hexa | this room seems low traffic enough to talk about nixwrt as well, unless you want a separate channel for that (compare #nixos-on-arm:nixos.org and mobile-nixos) | 15:12:33 |
| Alyssa Ross | I think this is a good place to talk about routers | 15:12:43 |
|  ElvishJerricco joined the room. | 19:37:24 |
 antifuchs | hah, I've been wanting to set up a nice dedicated router for my home network with nix... it seems like a very good match | 19:39:41 |
| ElvishJerricco | So I'm playing around with using a raspberry pi as an access point using the hostapd options in nixos, but I'm getting AP-STA-POSSIBLE-PSK-MISMATCH when I enter the correct password on my iPhone. Anyone have any idea why that might be happening? | 20:38:41 |
| telent | In reply to @hexa:lossy.network
this room seems low traffic enough to talk about nixwrt as well, unless you want a separate channel for that (compare #nixos-on-arm:nixos.org and mobile-nixos) ngl, I joined this channel in case there were any conversations about nixwrt - but by odd coincidence, all my discretionary hacking time right now is on mobile-nixos anyway | 20:48:57 |
| hexa | ElvishJerricco: in openwrt there is an option auth_cache that iOS needs IIRC | 21:53:23 |
| hexa | that maps to disable_pmksa_caching = 0 | 21:54:32 |
| hexa | also this https://support.apple.com/en-us/HT202628 for what iOS supports with regards to wlan | 21:55:19 |
| hexa | and lastly https://github.com/raspberrypi/linux/issues/2453 | 21:56:44 |
| hexa | that maps well to the raspberry pi 4, and in there somewhere a cypress engineer says that AP mode is not a priority | 21:57:16 |
| hexa | and from my experience it doesn't work too well | 21:57:23 |
| hexa | after some time clients will get disconnected and be unable to reconnect | 21:57:34 |
| ElvishJerricco | hexa: Thanks, I've got it working now. FYI I don't intend to use this in any capacity; I'm just learning how to build router like things with nixos. | 23:02:37 |
| hexa | awesome, don't let me stop you | 23:02:58 |
| hexa | my recommendation is to go with systemd-networkd fwiw | 23:03:06 |
| hexa | leave the scripted networking behind, it has no future | 23:03:15 |
| ElvishJerricco | hexa: I absolutely would if I had any idea how to use it for this :P | 23:03:30 |
| hexa | there's alot to learn from nixos/tests/systemd-networkd* | 23:04:03 |
| ElvishJerricco | Is it possible for the pi to just bridge wlan0 with eth0 and still get its own IP on eth0? i.e. allow others to connect to an upstream NAT via the pi as an access point, but still let people on the network communicate with the pi? | 23:05:47 |
 mutantmell | I want to say it is, but I'm not 100% sure - I have a similar setup on one of my machines that runs as a VM host that bridges eth0, and it's still network accessible. | 23:08:30 |
| mutantmell | That said, I'm new enough to this that I don't know for sure :) | 23:08:55 |
| hexa | it is, use the bridge option in hostapd.conf | 23:13:04 |
| hexa | and configure ip addresses on the bridge | 23:13:18 |
| ElvishJerricco | As in put useDHCP on the bridge interface, not the eth0 interface? | 23:21:13 |
| hexa | possibly | 23:23:28 |
| ElvishJerricco | So I've got this:
networking.useDHCP = false;
networking.interfaces.eth0.useDHCP = false;
networking.interfaces.wlan0.useDHCP = false;
networking.interfaces.br0.useDHCP = true;
networking.bridges.br0.interfaces = ["eth0" "wlan0"];
networking.useNetworkd = true;
services.hostapd = {
enable = true;
interface = "wlan0";
hwMode = "g";
ssid = "My Pi Network";
wpaPassphrase = "foobarbaz";
extraConfig = ''
disable_pmksa_caching=0
wpa_pairwise=CCMP
rsn_pairwise=CCMP
'';
};
And iOS seems to be able to authenticate, but can't access the internet.
| 23:39:17 |
