From 3d528a71e97e8b6d238e1a3317de82ccc82e811f Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Mon, 26 Aug 2024 21:40:09 +0200
Subject: [PATCH] feat(hostapd): make the package configurable to enable RADIUS

The default hostapd disable too many things, we need a bit more for
RADIUS.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
---
 modules/hostapd/default.nix |  4 ++++
 modules/hostapd/service.nix |  5 ++---
 overlay.nix                 | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/modules/hostapd/default.nix b/modules/hostapd/default.nix
index 2bcf4d6..4338e74 100644
--- a/modules/hostapd/default.nix
+++ b/modules/hostapd/default.nix
@@ -26,6 +26,10 @@ in {
       interface = mkOption {
         type = liminix.lib.types.service;
       };
+      package = mkOption {
+        type = types.package;
+        default = pkgs.hostapd;
+      };
       params = mkOption {
         type = types.attrs;
       };
diff --git a/modules/hostapd/service.nix b/modules/hostapd/service.nix
index 2bd5453..68e9754 100644
--- a/modules/hostapd/service.nix
+++ b/modules/hostapd/service.nix
@@ -1,10 +1,9 @@
 {
   liminix
-, hostapd
 , writeText
 , lib
 }:
-{ interface, params} :
+{ package, interface, params } :
 let
   inherit (liminix.services) longrun;
   inherit (lib) concatStringsSep mapAttrsToList;
@@ -35,5 +34,5 @@ let
 in longrun {
   inherit name;
   dependencies = [ interface ];
-  run = "${hostapd}/bin/hostapd -i $(output ${interface} ifname)  -P /run/${name}.pid -S ${conf}";
+  run = "${package}/bin/hostapd -i $(output ${interface} ifname)  -P /run/${name}.pid -S ${conf}";
 }
diff --git a/overlay.nix b/overlay.nix
index 09acaad..374c79a 100644
--- a/overlay.nix
+++ b/overlay.nix
@@ -143,6 +143,42 @@ extraPkgs // {
       });
     in h.override { openssl = null; sqlite = null; };
 
+  hostapd-radius =
+  let
+    config =  [
+      "CONFIG_DRIVER_NL80211=y"
+      "CONFIG_DRIVER_WIRED=y"
+      "CONFIG_EAP=y"
+      "CONFIG_EAP_PEAP=y"
+      "CONFIG_RADIUS_SERVER=y"
+      "CONFIG_FULL_DYNAMIC_VLAN=y"
+      "CONFIG_IAPP=y"
+      "CONFIG_IEEE80211AC=y"
+      "CONFIG_IEEE80211AX=y"
+      "CONFIG_IEEE80211N=y"
+      "CONFIG_IEEE80211W=y"
+      "CONFIG_INTERNAL_LIBTOMMATH=y"
+      "CONFIG_INTERNAL_LIBTOMMATH_FAST=y"
+      "CONFIG_IPV6=y"
+      "CONFIG_LIBNL32=y"
+      "CONFIG_PKCS12=y"
+      "CONFIG_RSN_PREAUTH=y"
+      # Required to read the key material for RADIUS.
+      "CONFIG_TLS=openssl"
+    ];
+    h = prev.hostapd.overrideAttrs(o: {
+      extraConfig = "";
+      configurePhase = ''
+        cat > hostapd/defconfig <<EOF
+        ${builtins.concatStringsSep "\n" config}
+        EOF
+        ${o.configurePhase}
+      '';
+    });
+  in h.override { sqlite = null; };
+
+
+
   kexec-tools-static = prev.kexec-tools.overrideAttrs(o: {
     # For kexecboot we copy kexec into a ramdisk on the system being
     # upgraded from. This is more likely to work if kexec is