{ wleInterface24Ghz ? "", wleInterface5Ghz ? "", wleSSID,
# Generate Encrypted Passphrase with: wpa_passphrase <wleSSID> <passphrase>
wlePassphrase, }:

with builtins;
let
  pkgs = import <nixpkgs> { };
  country = "US";
  wle24GhzEnabled = (stringLength wleInterface24Ghz) > 0;
  wle5GhzEnabled = (stringLength wleInterface5Ghz) > 0;
in {
  boot.extraModprobeConfig = ''
    options cfg80211 ieee80211_regdom=${country}
  '';

  imports = [ ./hostapd5ghz.nix ];

  services.udev.packages = [ pkgs.crda ];

  services.hostapd5ghz = {
    enable = wle5GhzEnabled;
    interface = wleInterface5Ghz;
    hwMode = "a";
    ssid = wleSSID;
    wpaPassphrase = wlePassphrase;
    channel = 36;
    extraConfig = ''
      ${optionalString wle24GhzEnabled "except-interface=${wleInterface24Ghz}"}
      max_num_sta=255

      #Details for Connecting Clients via WPA2 TKIP
      auth_algs=1
      wpa_key_mgmt=WPA-PSK
      wpa_pairwise=CCMP
      rsn_pairwise=CCMP

      #802.11d Regulatory Restrictions Designations for Which Frequencies and Channels are Legal
      ieee80211d=1
      # DFS
      #ieee80211h=1
      country_code=${country}

      #802.11n Configurations
      ieee80211n=1

      #802.11ac Configurations
      ieee80211ac=1
      vht_oper_chwidth=1
      vht_oper_centr_freq_seg0_idx=42


      #How Many Units of Time Between Beacon Transmissions
      #beacon_int=100
      #Multiplier of How Many Units of Time Between Beacon Transmissions
      #dtim_period=2
      #(e.g. 100 milliseconds(ms) * 2 = 200 ms between beacons)

      #QoS Type of Traffic Management Based on Traffic Type
      wmm_enabled=1

      ##Background
      #wmm_ac_bk_cwmin=4
      #wmm_ac_bk_cwmax=10
      #wmm_ac_bk_aifs=7
      #wmm_ac_bk_txop_limit=0
      #wmm_ac_bk_acm=0

      ##Best Effort
      #wmm_ac_be_aifs=3
      #wmm_ac_be_cwmin=4
      #wmm_ac_be_cwmax=10
      #wmm_ac_be_txop_limit=0
      #wmm_ac_be_acm=0

      ##Video
      #wmm_ac_vi_aifs=2
      #wmm_ac_vi_cwmin=3
      #wmm_ac_vi_cwmax=4
      #wmm_ac_vi_txop_limit=94
      #wmm_ac_vi_acm=0

      ##Voice
      #wmm_ac_vo_aifs=2
      #wmm_ac_vo_cwmin=2
      #wmm_ac_vo_cwmax=3
      #wmm_ac_vo_txop_limit=47
      #wmm_ac_vo_acm=0
    '';
  };

  services.hostapd = {
    enable = wle24GhzEnabled;
    interface = wleInterface;
    hwMode = "g";
    ssid = wleSSID;
    wpaPassphrase = wlePassphrase;
    channel = 6;
    extraConfig = ''
      ${optionalString wle5GhzEnabled "except-interface=${wleInterface5Ghz}"}

      #macaddr_acl sets options for mac address filtering. 0 means "accept unless in deny list"
      macaddr_acl=0

      #setting ignore_broadcast_ssid to 1 will disable the broadcasting of ssid
      ignore_broadcast_ssid=0

      #Sets authentication algorithm
      #1 - only open system authentication
      #2 - both open system authentication and shared key authentication
      auth_algs=1

      #####Sets WPA2 authentication#####
      #sets wpa key management
      wpa_key_mgmt=WPA-PSK
      #sets encryption used by WPA
      wpa_pairwise=TKIP
      #sets encryption used by WPA2
      rsn_pairwise=CCMP

      #### even more options ####
      wme_enabled=1
      ieee80211n=1
    '';
  };

}