diff --git a/machines/nixos/x86_64-linux/jeeves/configuration.nix b/machines/nixos/x86_64-linux/jeeves/configuration.nix index d1af5b3..71d9d31 100644 --- a/machines/nixos/x86_64-linux/jeeves/configuration.nix +++ b/machines/nixos/x86_64-linux/jeeves/configuration.nix @@ -10,6 +10,7 @@ ./wireguard.nix ./jellyfin.nix ./mindustry.nix + ./samba.nix ]; age.rekey = { diff --git a/machines/nixos/x86_64-linux/jeeves/disko.nix b/machines/nixos/x86_64-linux/jeeves/disko.nix index 42e385b..61892d2 100644 --- a/machines/nixos/x86_64-linux/jeeves/disko.nix +++ b/machines/nixos/x86_64-linux/jeeves/disko.nix @@ -192,6 +192,9 @@ "/data/torrents/download" = { }; "/data/torrents/incomplete" = { }; "/data/media/jellyfin" = { }; + "/data/samba" = { }; + "/data/samba/private" = { }; + "/data/samba/public" = { }; }; }; }; diff --git a/machines/nixos/x86_64-linux/jeeves/samba.nix b/machines/nixos/x86_64-linux/jeeves/samba.nix new file mode 100644 index 0000000..125e383 --- /dev/null +++ b/machines/nixos/x86_64-linux/jeeves/samba.nix @@ -0,0 +1,61 @@ +{ lib, pkgs, config, ... }: +{ + environment.systemPackages = with pkgs; [ + ]; + + # TODO: smbpasswd -a + + services.samba-wsdd = { + # make shares visible for Windows clients + enable = true; + openFirewall = true; + }; + + services.samba = { + enable = true; + package = pkgs.sambaFull; + openFirewall = true; + securityType = "user"; + extraConfig = '' + # Files + workgroup = WORKGROUP + server string = smbnix + netbios name = smbnix + security = user + #use sendfile = yes + #max protocol = smb2 + # NOTE: localhost is the ipv6 localhost ::1 + hosts allow = 192.168.0. 192.168.1. 10.100.0. 127.0.0.1 localhost + hosts deny = 0.0.0.0/0 + guest account = nobody + map to guest = bad user + + # Printers + load printers = yes + printing = cups + printcap name = cups + ''; + shares = { + public = { + path = "/data/samba/public"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "yes"; + "create mask" = "0644"; + "directory mask" = "0755"; + "force user" = "jeeves"; + "force group" = "users"; + }; + private = { + path = "/data/samba/private"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + "create mask" = "0644"; + "directory mask" = "0755"; + "force user" = "jeeves"; + "force group" = "users"; + }; + }; + }; +}