diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index 24d0236..ab1f1a9 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -7,7 +7,7 @@ let netifWan = "enp0s31f6"; netifLan = "enp3s0"; - netifWifi = "wlp0s20f0u1"; + netifWifi = "wlp4s0"; netifSit = "henet0"; hydraWwwOutputs = "/var/www/hydra-outputs"; in @@ -26,7 +26,6 @@ in # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.blacklistedKernelModules = ["iwlwifi"]; security.apparmor.enable = true; @@ -352,6 +351,7 @@ in }; nixpkgs.config.packageOverrides = super: let self = super.pkgs; in { + hostapd = super.callPackage ./hostapd.nix {}; hydra = super.hydra.overrideAttrs(oa: { patches = oa.patches or [] ++ [ ./hydra-conda.patch ./hydra-retry.patch ]; hydraPath = oa.hydraPath + ":" + super.lib.makeBinPath [ super.jq ]; diff --git a/nixbld-etc-nixos/hostapd.nix b/nixbld-etc-nixos/hostapd.nix new file mode 100644 index 0000000..79ce37a --- /dev/null +++ b/nixbld-etc-nixos/hostapd.nix @@ -0,0 +1,80 @@ +{ stdenv, fetchurl, pkgconfig, libnl, openssl, sqlite ? null }: + +stdenv.mkDerivation rec { + pname = "hostapd"; + version = "2.8"; + + src = fetchurl { + url = "https://w1.fi/releases/${pname}-${version}.tar.gz"; + sha256 = "1c74rrazkhy4lr7pwgwa2igzca7h9l4brrs7672kiv7fwqmm57wj"; + }; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ libnl openssl sqlite ]; + + patches = [ + (fetchurl { + # Note: fetchurl seems to be unhappy with openwrt git + # server's URLs containing semicolons. Using the github mirror instead. + url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch"; + sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k";}) + ]; + + outputs = [ "out" "man" ]; + + extraConfig = '' + CONFIG_DRIVER_WIRED=y + CONFIG_LIBNL32=y + CONFIG_EAP_SIM=y + CONFIG_EAP_AKA=y + CONFIG_EAP_AKA_PRIME=y + CONFIG_EAP_PAX=y + CONFIG_EAP_PWD=n + CONFIG_EAP_SAKE=y + CONFIG_EAP_GPSK=y + CONFIG_EAP_GPSK_SHA256=y + CONFIG_EAP_FAST=y + CONFIG_EAP_IKEV2=y + CONFIG_EAP_TNC=y + CONFIG_EAP_EKE=y + CONFIG_RADIUS_SERVER=y + CONFIG_IEEE80211R=y + CONFIG_IEEE80211N=y + CONFIG_IEEE80211AC=y + CONFIG_FULL_DYNAMIC_VLAN=y + CONFIG_VLAN_NETLINK=y + CONFIG_TLS=openssl + CONFIG_TLSV11=y + CONFIG_TLSV12=y + CONFIG_INTERNETWORKING=y + CONFIG_HS20=y + CONFIG_ACS=y + CONFIG_GETRANDOM=y + '' + stdenv.lib.optionalString (sqlite != null) '' + CONFIG_SQLITE=y + ''; + + configurePhase = '' + cd hostapd + cp -v defconfig .config + echo "$extraConfig" >> .config + cat -n .config + substituteInPlace Makefile --replace /usr/local $out + export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE $(pkg-config --cflags libnl-3.0)" + ''; + + preInstall = "mkdir -p $out/bin"; + postInstall = '' + install -vD hostapd.8 -t $man/share/man/man8 + install -vD hostapd_cli.1 -t $man/share/man/man1 + ''; + + meta = with stdenv.lib; { + homepage = http://hostap.epitest.fi; + repositories.git = git://w1.fi/hostap.git; + description = "A user space daemon for access point and authentication servers"; + license = licenses.gpl2; + maintainers = with maintainers; [ phreedom ninjatrappeur ]; + platforms = platforms.linux; + }; +}