2 files changed, 30 insertions, 16 deletions

diff --git a/configuration.nix b/configuration.nix
index 7eb5a30..b066ff3 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,7 +1,3 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page, on
-# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-
 { config, lib, pkgs, inputs, ... }:
 
 {
@@ -21,8 +17,6 @@
   boot.loader.efi.canTouchEfiVariables = true;
 
   networking.hostName = "oden";
-  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-  networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
 
   # Set your time zone.
   time.timeZone = "Europe/Stockholm";
@@ -33,7 +27,6 @@
     keyMap = "mod-dh-iso-us";
   };
 
-  # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.mathias = {
     isNormalUser = true;
     extraGroups = [ "wheel" "wireshark" ];
@@ -45,8 +38,6 @@
 
   programs.wireshark.enable = true;
 
-  # List packages installed in system profile.
-  # You can use https://search.nixos.org/ to find more packages (and options).
   environment.systemPackages = with pkgs; [
     neovim
     curl
diff --git a/router.nix b/router.nix
index ad58ba8..3c75169 100644
--- a/router.nix
+++ b/router.nix
@@ -1,6 +1,7 @@
 { ... }:
 let
   lanInterface = "enp5s0f0u2";
+  wifiInterface = "wlp9s0";
 in
 {
   boot.kernel.sysctl."net.ipv4.conf.all.forwarding" = true;
@@ -9,13 +10,14 @@ in
   networking.nat = {
     enable = true;
     externalInterface = "enp8s0";
-    internalInterfaces = [ lanInterface ];
-    forwardPorts = [{
-      sourcePort = 1234;
-      destination = "10.69.0.2:12345";
-    }];
+    internalInterfaces = [ "br0" ];
+    # forwardPorts = [{
+    #   sourcePort = 1234;
+    #   destination = "10.69.0.2:12345";
+    # }];
   };
-  networking.interfaces.${lanInterface}.ipv4.addresses = [{
+  networking.bridges.br0.interfaces = [ lanInterface wifiInterface ];
+  networking.interfaces.br0.ipv4.addresses = [{
     address = "10.69.0.1";
     prefixLength = 16;
   }];
@@ -23,7 +25,7 @@ in
     enable = true;
     settings = {
       interfaces-config = {
-        interfaces = [ lanInterface ];
+        interfaces = [ "br0" ];
         service-sockets-max-retries = 200000;
         service-sockets-retry-wait-time = 5000;
       };
@@ -47,4 +49,25 @@ in
       }];
     };
   };
+  networking.networkmanager = {
+    enable = true;
+    unmanaged = [ "interface-name:${lanInterface}" "interface-name:${wifiInterface}" ];
+  };
+  services.hostapd = {
+    enable = true;
+    radios.${wifiInterface} = {
+      countryCode = "SE";
+      band = "2g";
+      channel = 12;
+      networks.${wifiInterface} = {
+        ssid = "Heidrun";
+        authentication = {
+          mode = "wpa3-sae";
+          saePasswords = [
+            { password = "REDACTED"; }
+          ];
+        };
+      };
+    };
+  };
 }