feat(hostapd): make the package configurable to enable RADIUS

The default hostapd disable too many things, we need a bit more for RADIUS. Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-26 21:40:09 +02:00 · 2024-08-26 21:40:09 +02:00 · 3d528a71e9
commit 3d528a71e9
parent 17355c3911
3 changed files with 42 additions and 3 deletions
--- a/modules/hostapd/default.nix
+++ b/modules/hostapd/default.nix
@ -26,6 +26,10 @@ in {
      interface = mkOption {
        type = liminix.lib.types.service;
      };
+      package = mkOption {
+        type = types.package;
+        default = pkgs.hostapd;
+      };
      params = mkOption {
        type = types.attrs;
      };
--- a/modules/hostapd/service.nix
+++ b/modules/hostapd/service.nix
@ -1,10 +1,9 @@
 {
  liminix
-, hostapd
 , writeText
 , lib
 }:
-{ interface, params} :
+{ package, interface, params } :
 let
  inherit (liminix.services) longrun;
  inherit (lib) concatStringsSep mapAttrsToList;
@ -35,5 +34,5 @@ let
 in longrun {
  inherit name;
  dependencies = [ interface ];
-  run = "${hostapd}/bin/hostapd -i $(output ${interface} ifname)  -P /run/${name}.pid -S ${conf}";
+  run = "${package}/bin/hostapd -i $(output ${interface} ifname)  -P /run/${name}.pid -S ${conf}";
 }
--- a/overlay.nix
+++ b/overlay.nix
@ -143,6 +143,42 @@ extraPkgs // {
      });
    in h.override { openssl = null; sqlite = null; };

+  hostapd-radius =
+  let
+    config =  [
+      "CONFIG_DRIVER_NL80211=y"
+      "CONFIG_DRIVER_WIRED=y"
+      "CONFIG_EAP=y"
+      "CONFIG_EAP_PEAP=y"
+      "CONFIG_RADIUS_SERVER=y"
+      "CONFIG_FULL_DYNAMIC_VLAN=y"
+      "CONFIG_IAPP=y"
+      "CONFIG_IEEE80211AC=y"
+      "CONFIG_IEEE80211AX=y"
+      "CONFIG_IEEE80211N=y"
+      "CONFIG_IEEE80211W=y"
+      "CONFIG_INTERNAL_LIBTOMMATH=y"
+      "CONFIG_INTERNAL_LIBTOMMATH_FAST=y"
+      "CONFIG_IPV6=y"
+      "CONFIG_LIBNL32=y"
+      "CONFIG_PKCS12=y"
+      "CONFIG_RSN_PREAUTH=y"
+      # Required to read the key material for RADIUS.
+      "CONFIG_TLS=openssl"
+    ];
+    h = prev.hostapd.overrideAttrs(o: {
+      extraConfig = "";
+      configurePhase = ''
+        cat > hostapd/defconfig <<EOF
+        ${builtins.concatStringsSep "\n" config}
+        EOF
+        ${o.configurePhase}
+      '';
+    });
+  in h.override { sqlite = null; };
+
+
+
  kexec-tools-static = prev.kexec-tools.overrideAttrs(o: {
    # For kexecboot we copy kexec into a ramdisk on the system being
    # upgraded from. This is more likely to work if kexec is