From 3bd0f2c1e99c3c3c5f4e92e1766c2e897f360302 Mon Sep 17 00:00:00 2001 From: Sebastien Bourdeauducq Date: Wed, 18 Sep 2019 12:13:10 +0800 Subject: [PATCH] nixbld: LAN router Replaces OpenWrt router that was limited to 100Mbps (new fiber is 300Mbps). --- nixbld-etc-nixos/configuration.nix | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index f3f3a64..056efa6 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -31,21 +31,25 @@ in allowedTCPPorts = [ 80 443 631 5901 ]; allowedUDPPorts = [ 53 67 631 ]; }; - networkmanager.unmanaged = [ "interface-name:wlp3s0" ]; - interfaces."wlp3s0".ipv4.addresses = [{ + networkmanager.unmanaged = [ "interface-name:wlp4s0" "interface-name:enp3s0" ]; + interfaces."enp3s0".ipv4.addresses = [{ + address = "192.168.1.1"; + prefixLength = 24; + }]; + interfaces."wlp4s0".ipv4.addresses = [{ address = "192.168.12.1"; prefixLength = 24; }]; nat = { enable = true; externalInterface = "enp0s31f6"; - internalInterfaces = ["wlp3s0"]; + internalInterfaces = ["enp3s0" "wlp4s0"]; }; }; services.hostapd = { enable = true; - interface = "wlp3s0"; + interface = "wlp4s0"; hwMode = "g"; ssid = "M-Labs"; wpaPassphrase = (import /etc/nixos/secret/wifi_password.nix); @@ -53,9 +57,11 @@ in services.dnsmasq = { enable = true; extraConfig = '' - interface=wlp3s0 + interface=enp3s0 + interface=wlp4s0 bind-interfaces - dhcp-range=192.168.12.10,192.168.12.254,24h + dhcp-range=interface:enp3s0,192.168.1.10,192.168.1.254,24h + dhcp-range=interface:wlp4s0,192.168.12.10,192.168.12.254,24h ''; }; @@ -100,12 +106,13 @@ in # Enable CUPS to print documents. services.avahi.enable = true; + services.avahi.interfaces = ["enp3s0"]; services.avahi.publish.enable = true; services.avahi.publish.userServices = true; services.printing.enable = true; services.printing.drivers = [ pkgs.hplipWithPlugin ]; services.printing.browsing = true; - services.printing.listenAddresses = [ "*:631" ]; + services.printing.listenAddresses = [ "192.168.1.1:631" ]; services.printing.defaultShared = true; hardware.sane.enable = true; hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ];