diff options
-rw-r--r-- | hosts/tahoe/default.nix | 1 | ||||
-rw-r--r-- | hosts/tahoe/services.nix | 4 | ||||
-rw-r--r-- | modules/services/default.nix | 1 | ||||
-rw-r--r-- | modules/services/samba/default.nix | 52 | ||||
-rw-r--r-- | profiles/samba.nix | 33 |
5 files changed, 34 insertions, 57 deletions
diff --git a/hosts/tahoe/default.nix b/hosts/tahoe/default.nix index f3174e5..0f5dec0 100644 --- a/hosts/tahoe/default.nix +++ b/hosts/tahoe/default.nix @@ -13,6 +13,7 @@ in "${self}/profiles/acme.nix" "${self}/profiles/nginx.nix" "${self}/profiles/unifi.nix" + "${self}/profiles/samba.nix" "${self}/profiles/git-server.nix" "${self}/profiles/music-server.nix" "${self}/profiles/hardware/amd.nix" diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index b8a1b34..d49785b 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -7,10 +7,6 @@ in systemd.services.mdmonitor.enable = false; my.services = { - samba = { - enable = true; - publicShares = [ "/data/fast/music" "/data/fast/videos" ]; - }; monitoring = { prometheus = { enable = true; diff --git a/modules/services/default.nix b/modules/services/default.nix index d04e5cf..2cf7f86 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -4,7 +4,6 @@ imports = [ ./backup ./monitoring - ./samba ./sendsms ./syncthing ./transmission diff --git a/modules/services/samba/default.nix b/modules/services/samba/default.nix deleted file mode 100644 index 6dc6671..0000000 --- a/modules/services/samba/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, pkgs, lib, ... }: -let - cfg = config.my.services.samba; - makePublicShare = path: { - name = builtins.baseNameOf path; - value = { - inherit path; - browseable = "yes"; - writeable = "no"; - "guest ok" = "yes"; - "guest only" = "yes"; - "force user" = "nobody"; - }; - }; -in -{ - options.my.services.samba = with lib; { - enable = mkEnableOption "Samba"; - publicShares = mkOption { - type = with types; listOf str; - default = [ ]; - example = literalExample '' - [ - "/data/fast/music" - ] - ''; - description = "Which directories to share publicly"; - }; - }; - - config = lib.mkIf cfg.enable { - services.samba = { - enable = true; - securityType = "user"; - extraConfig = '' - workgroup = WORKGROUP - server string = tahoe - netbios name = tahoe - security = user - guest account = nobody - mangled names = no - client min protocol = SMB2 - map to guest = bad user - ntlm auth = true - ''; - shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares)); - }; - - networking.firewall.allowedTCPPorts = [ 445 139 ]; - networking.firewall.allowedUDPPorts = [ 137 138 ]; - }; -} diff --git a/profiles/samba.nix b/profiles/samba.nix new file mode 100644 index 0000000..d1f186b --- /dev/null +++ b/profiles/samba.nix @@ -0,0 +1,33 @@ +{ config, pkgs, lib, ... }: +let + makePublicShare = path: { + name = builtins.baseNameOf path; + value = { + inherit path; + browseable = "yes"; + writeable = "no"; + "guest ok" = "yes"; + "guest only" = "yes"; + "force user" = "nobody"; + }; + }; + publicShares = [ "/data/fast/music" "/data/fast/videos" ]; +in +{ + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/network-filesystems/samba.nix + services.samba = { + enable = true; + extraConfig = '' + workgroup = WORKGROUP + server string = tahoe + netbios name = tahoe + security = user + guest account = nobody + mangled names = no + client min protocol = SMB2 + map to guest = bad user + ntlm auth = true + ''; + shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares)); + }; +} |