all repos — nixfiles @ dc8eb3bdfe00599b888676a541c762c11ba8aa04

System and user configuration, managed by nix and home-manager

prefect: configure samba

Alan Pearce
commit

dc8eb3bdfe00599b888676a541c762c11ba8aa04

parent

82e270aeea4ba9bb745bd2488f66fe0145fed5b6

2 files changed, 50 insertions(+), 0 deletions(-)

jump to
M system/prefect.nixsystem/prefect.nix
@@ -23,6 +23,7 @@ ./settings/hardware/keyboard.nix
./settings/hardware/keyboardio-model01.nix ./settings/hardware/trackball.nix ./settings/hardware/trezor.nix + ./settings/services/samba.nix ./settings/services/syncthing.nix ./settings/services/zeroconf.nix ./settings/user-interface.nix
@@ -129,6 +130,25 @@ download-dir = "/mnt/data/Transmission/Storage";
}; }; systemd.services.transmission.requires = [ "mnt-data.mount" ]; + + services.samba = { + extraConfig = '' + hosts allow = 172.30.42. 127.0.0.1 localhost + hosts deny = 0.0.0.0/0 + ''; + shares = { + Music = { + path = "/mnt/data/Home/Music/"; + browseable = "yes"; + "read only" = "yes"; + "guest ok" = "yes"; + "create mask" = "0644"; + "directory mask" = "0755"; + "force user" = "alan"; + "force group" = "users"; + }; + }; + }; system.stateVersion = "22.05"; }
A system/settings/services/samba.nix
@@ -0,0 +1,30 @@
+{ config, pkgs, ... }: + +let + workgroup = "WORKGROUP"; + +in +{ + services.samba-wsdd = { + inherit workgroup; + enable = true; + }; + networking.firewall.allowedTCPPorts = [ 5357 ]; + networking.firewall.allowedUDPPorts = [ 3702 ]; + + services.samba = { + enable = true; + openFirewall = true; + securityType = "user"; + extraConfig = '' + workgroup = ${workgroup} + server string = ${config.networking.hostName} + netbios name = ${config.networking.hostName} + security = user + #use sendfile = yes + #max protocol = smb2 + guest account = nobody + map to guest = bad user + ''; + }; +}