nixbld: LAN router

Replaces OpenWrt router that was limited to 100Mbps (new fiber is 300Mbps).
This commit is contained in:
Sebastien Bourdeauducq 2019-09-18 12:13:10 +08:00
parent 44018d0a56
commit 3bd0f2c1e9
1 changed files with 14 additions and 7 deletions

View File

@ -31,21 +31,25 @@ in
allowedTCPPorts = [ 80 443 631 5901 ]; allowedTCPPorts = [ 80 443 631 5901 ];
allowedUDPPorts = [ 53 67 631 ]; allowedUDPPorts = [ 53 67 631 ];
}; };
networkmanager.unmanaged = [ "interface-name:wlp3s0" ]; networkmanager.unmanaged = [ "interface-name:wlp4s0" "interface-name:enp3s0" ];
interfaces."wlp3s0".ipv4.addresses = [{ interfaces."enp3s0".ipv4.addresses = [{
address = "192.168.1.1";
prefixLength = 24;
}];
interfaces."wlp4s0".ipv4.addresses = [{
address = "192.168.12.1"; address = "192.168.12.1";
prefixLength = 24; prefixLength = 24;
}]; }];
nat = { nat = {
enable = true; enable = true;
externalInterface = "enp0s31f6"; externalInterface = "enp0s31f6";
internalInterfaces = ["wlp3s0"]; internalInterfaces = ["enp3s0" "wlp4s0"];
}; };
}; };
services.hostapd = { services.hostapd = {
enable = true; enable = true;
interface = "wlp3s0"; interface = "wlp4s0";
hwMode = "g"; hwMode = "g";
ssid = "M-Labs"; ssid = "M-Labs";
wpaPassphrase = (import /etc/nixos/secret/wifi_password.nix); wpaPassphrase = (import /etc/nixos/secret/wifi_password.nix);
@ -53,9 +57,11 @@ in
services.dnsmasq = { services.dnsmasq = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
interface=wlp3s0 interface=enp3s0
interface=wlp4s0
bind-interfaces bind-interfaces
dhcp-range=192.168.12.10,192.168.12.254,24h dhcp-range=interface:enp3s0,192.168.1.10,192.168.1.254,24h
dhcp-range=interface:wlp4s0,192.168.12.10,192.168.12.254,24h
''; '';
}; };
@ -100,12 +106,13 @@ in
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.avahi.enable = true; services.avahi.enable = true;
services.avahi.interfaces = ["enp3s0"];
services.avahi.publish.enable = true; services.avahi.publish.enable = true;
services.avahi.publish.userServices = true; services.avahi.publish.userServices = true;
services.printing.enable = true; services.printing.enable = true;
services.printing.drivers = [ pkgs.hplipWithPlugin ]; services.printing.drivers = [ pkgs.hplipWithPlugin ];
services.printing.browsing = true; services.printing.browsing = true;
services.printing.listenAddresses = [ "*:631" ]; services.printing.listenAddresses = [ "192.168.1.1:631" ];
services.printing.defaultShared = true; services.printing.defaultShared = true;
hardware.sane.enable = true; hardware.sane.enable = true;
hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ]; hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ];