diff --git a/nix/os/devices/router0-dmz0/configuration.nix b/nix/os/devices/router0-dmz0/configuration.nix index f62b0e8..2279647 100644 --- a/nix/os/devices/router0-dmz0/configuration.nix +++ b/nix/os/devices/router0-dmz0/configuration.nix @@ -86,9 +86,6 @@ in { nix.settings.cores = lib.mkDefault 0; } - # TODO - # ./network.nix - # ./monitoring.nix { services.openssh.enable = true; services.openssh.settings.PermitRootLogin = "yes"; @@ -396,7 +393,6 @@ in { } # configuration for the hostapd dynamic interfaces - # TODO: refactor this to configure the following per vlanid # * netdev type vlan # * host address for vlan # * vlan config for wlan interface @@ -405,8 +401,9 @@ in { (acc: cur: acc // cur) {} (builtins.map ({ vlanid, vlanid' }: { - # set an address on the tagged br-lan device. - # this address will be picked up by dnsmasq. + # configure the tagged vlan device with an address and vlan filtering. + # dnsmasq is configured to serve the respective /24 range on each tagged device. + # this device only receives traffic for the given vlanid and sends tagged traffic to the bridge. "41-br-lan.${vlanid'}" = { matchConfig.Name = "br-lan.${vlanid'}"; address = [ @@ -422,7 +419,6 @@ in { bridgeVLANs = [ { bridgeVLANConfig = { - # TODO debug this: each vlanid is native to each port VLAN = vlanid; }; } @@ -445,7 +441,6 @@ in { bridgeVLANs = [ { bridgeVLANConfig = { - # TODO debug this: each vlanid is native to each port VLAN = vlanid; PVID = vlanid; EgressUntagged = vlanid; @@ -463,16 +458,6 @@ in { ConfigureWithoutCarrier = true; }; linkConfig.RequiredForOnline = "no"; - - bridgeVLANs = [ - { - bridgeVLANConfig = { - # TODO debug this: each vlanid is native to each port - VLAN = vlanid; - PVID = vlanid; - }; - } - ]; }; }) (builtins.map