prefect: configure samba
Alan Pearce alan@alanpearce.eu
Sat, 25 Jun 2022 00:51:57 +0200
2 files changed, 50 insertions(+), 0 deletions(-)
M system/prefect.nix → system/prefect.nix
@@ -23,6 +23,7 @@ ./settings/hardware/keyboard.nix ./settings/hardware/keyboardio-model01.nix ./settings/hardware/trackball.nix ./settings/hardware/trezor.nix + ./settings/services/samba.nix ./settings/services/syncthing.nix ./settings/services/zeroconf.nix ./settings/user-interface.nix @@ -129,6 +130,25 @@ download-dir = "/mnt/data/Transmission/Storage"; }; }; systemd.services.transmission.requires = [ "mnt-data.mount" ]; + + services.samba = { + extraConfig = '' + hosts allow = 172.30.42. 127.0.0.1 localhost + hosts deny = 0.0.0.0/0 + ''; + shares = { + Music = { + path = "/mnt/data/Home/Music/"; + browseable = "yes"; + "read only" = "yes"; + "guest ok" = "yes"; + "create mask" = "0644"; + "directory mask" = "0755"; + "force user" = "alan"; + "force group" = "users"; + }; + }; + }; system.stateVersion = "22.05"; }
A system/settings/services/samba.nix
@@ -0,0 +1,30 @@+{ config, pkgs, ... }: + +let + workgroup = "WORKGROUP"; + +in +{ + services.samba-wsdd = { + inherit workgroup; + enable = true; + }; + networking.firewall.allowedTCPPorts = [ 5357 ]; + networking.firewall.allowedUDPPorts = [ 3702 ]; + + services.samba = { + enable = true; + openFirewall = true; + securityType = "user"; + extraConfig = '' + workgroup = ${workgroup} + server string = ${config.networking.hostName} + netbios name = ${config.networking.hostName} + security = user + #use sendfile = yes + #max protocol = smb2 + guest account = nobody + map to guest = bad user + ''; + }; +}