profiles/samba: convert the old module as a profile

5 files changed, 34 insertions, 57 deletions

diff --git a/hosts/tahoe/default.nix b/hosts/tahoe/default.nix
index f3174e5..0f5dec0 100644
--- a/hosts/tahoe/default.nix
+++ b/hosts/tahoe/default.nix
@@ -13,6 +13,7 @@ in
     "${self}/profiles/acme.nix"
     "${self}/profiles/nginx.nix"
     "${self}/profiles/unifi.nix"
+    "${self}/profiles/samba.nix"
     "${self}/profiles/git-server.nix"
     "${self}/profiles/music-server.nix"
     "${self}/profiles/hardware/amd.nix"
diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix
index b8a1b34..d49785b 100644
--- a/hosts/tahoe/services.nix
+++ b/hosts/tahoe/services.nix
@@ -7,10 +7,6 @@ in
   systemd.services.mdmonitor.enable = false;
 
   my.services = {
-    samba = {
-      enable = true;
-      publicShares = [ "/data/fast/music" "/data/fast/videos" ];
-    };
     monitoring = {
       prometheus = {
         enable = true;
diff --git a/modules/services/default.nix b/modules/services/default.nix
index d04e5cf..2cf7f86 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -4,7 +4,6 @@
   imports = [
     ./backup
     ./monitoring
-    ./samba
     ./sendsms
     ./syncthing
     ./transmission
diff --git a/modules/services/samba/default.nix b/modules/services/samba/default.nix
deleted file mode 100644
index 6dc6671..0000000
--- a/modules/services/samba/default.nix
+++ /dev/null
@@ -1,52 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
-  cfg = config.my.services.samba;
-  makePublicShare = path: {
-    name = builtins.baseNameOf path;
-    value = {
-      inherit path;
-      browseable = "yes";
-      writeable = "no";
-      "guest ok" = "yes";
-      "guest only" = "yes";
-      "force user" = "nobody";
-    };
-  };
-in
-{
-  options.my.services.samba = with lib; {
-    enable = mkEnableOption "Samba";
-    publicShares = mkOption {
-      type = with types; listOf str;
-      default = [ ];
-      example = literalExample ''
-        [
-          "/data/fast/music"
-        ]
-      '';
-      description = "Which directories to share publicly";
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    services.samba = {
-      enable = true;
-      securityType = "user";
-      extraConfig = ''
-        workgroup = WORKGROUP
-        server string = tahoe
-        netbios name = tahoe
-        security = user
-        guest account = nobody
-        mangled names = no
-        client min protocol = SMB2
-        map to guest = bad user
-        ntlm auth = true
-      '';
-      shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares));
-    };
-
-    networking.firewall.allowedTCPPorts = [ 445 139 ];
-    networking.firewall.allowedUDPPorts = [ 137 138 ];
-  };
-}
diff --git a/profiles/samba.nix b/profiles/samba.nix
new file mode 100644
index 0000000..d1f186b
--- /dev/null
+++ b/profiles/samba.nix
@@ -0,0 +1,33 @@
+{ config, pkgs, lib, ... }:
+let
+  makePublicShare = path: {
+    name = builtins.baseNameOf path;
+    value = {
+      inherit path;
+      browseable = "yes";
+      writeable = "no";
+      "guest ok" = "yes";
+      "guest only" = "yes";
+      "force user" = "nobody";
+    };
+  };
+  publicShares = [ "/data/fast/music" "/data/fast/videos" ];
+in
+{
+  # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/network-filesystems/samba.nix
+  services.samba = {
+    enable = true;
+    extraConfig = ''
+      workgroup = WORKGROUP
+      server string = tahoe
+      netbios name = tahoe
+      security = user
+      guest account = nobody
+      mangled names = no
+      client min protocol = SMB2
+      map to guest = bad user
+      ntlm auth = true
+    '';
+    shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares));
+  };
+}