alyssum/samba: init
This commit is contained in:
parent
402c847f3c
commit
d1a8e7222f
GPG key ID:
6500251E087653C9
2 changed files with 82 additions and 0 deletions
|
|
@ -31,6 +31,7 @@
|
||||||
./filesystem.nix
|
./filesystem.nix
|
||||||
./kernel.nix
|
./kernel.nix
|
||||||
./networking.nix
|
./networking.nix
|
||||||
|
./samba.nix
|
||||||
|
|
||||||
../../users/hana
|
../../users/hana
|
||||||
];
|
];
|
||||||
|
|
|
||||||
81
hosts/alyssum/samba.nix
Normal file
81
hosts/alyssum/samba.nix
Normal file
|
|
@ -0,0 +1,81 @@
|
||||||
|
{ config, ... }: {
|
||||||
|
networking.firewall.allowPing = true;
|
||||||
|
|
||||||
|
users.users.cilly = {
|
||||||
|
hashedPasswordFile = config.age.secrets.passwd.path;
|
||||||
|
isNormalUser = true;
|
||||||
|
};
|
||||||
|
users.users.kujira = {
|
||||||
|
hashedPasswordFile = config.age.secrets.passwd.path;
|
||||||
|
isNormalUser = true;
|
||||||
|
};
|
||||||
|
system.activationScripts = {
|
||||||
|
init_smbpasswd.text = ''
|
||||||
|
/run/current-system/sw/bin/printf "$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd.path})\n$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd.path})\n" | /run/current-system/sw/bin/smbpasswd -sa cilly
|
||||||
|
|
||||||
|
/run/current-system/sw/bin/printf "$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd_kujira.path})\n$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd_kujira.path})\n" | /run/current-system/sw/bin/smbpasswd -sa kujira
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
services.samba = {
|
||||||
|
enable = true;
|
||||||
|
openFirewall = true;
|
||||||
|
settings = {
|
||||||
|
global = {
|
||||||
|
"workgroup" = "WORKGROUP";
|
||||||
|
"server string" = "smbnix";
|
||||||
|
"netbios name" = "smbnix";
|
||||||
|
"security" = "user";
|
||||||
|
"hosts allow" = "100.67.2.1 127.0.0.1 localhost";
|
||||||
|
"hosts deny" = "0.0.0.0/0";
|
||||||
|
"guest account" = "nobody";
|
||||||
|
"map to guest" = "bad user";
|
||||||
|
};
|
||||||
|
"public" = {
|
||||||
|
"path" = "/flower/smb/public";
|
||||||
|
"browseable" = "yes";
|
||||||
|
"read only" = "no";
|
||||||
|
"guest ok" = "yes";
|
||||||
|
"create mask" = "0644";
|
||||||
|
"directory mask" = "0755";
|
||||||
|
"force user" = "hana";
|
||||||
|
"force group" = "users";
|
||||||
|
};
|
||||||
|
"cilly" = {
|
||||||
|
"path" = "/flower/smb/cilly";
|
||||||
|
"browseable" = "yes";
|
||||||
|
"read only" = "no";
|
||||||
|
"guest ok" = "no";
|
||||||
|
"create mask" = "0644";
|
||||||
|
"directory mask" = "0755";
|
||||||
|
"force user" = "cilly";
|
||||||
|
"force group" = "users";
|
||||||
|
"valid users" = "cilly";
|
||||||
|
};
|
||||||
|
"kujira" = {
|
||||||
|
"path" = "/flower/smb/kujira";
|
||||||
|
"browseable" = "yes";
|
||||||
|
"read only" = "no";
|
||||||
|
"guest ok" = "no";
|
||||||
|
"create mask" = "0644";
|
||||||
|
"directory mask" = "0755";
|
||||||
|
"force user" = "kujira";
|
||||||
|
"force group" = "users";
|
||||||
|
"valid users" = "kujira";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.samba-wsdd = {
|
||||||
|
enable = true;
|
||||||
|
openFirewall = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.avahi = {
|
||||||
|
enable = true;
|
||||||
|
openFirewall = true;
|
||||||
|
nssmdns4 = true;
|
||||||
|
publish.enable = true;
|
||||||
|
publish.userServices = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue