From 0bece1c755a7869bf0d5194ae37da3113856a2f6 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Wed, 10 May 2023 19:57:20 -0700 Subject: profiles/samba: convert the old module as a profile --- hosts/tahoe/default.nix | 1 + hosts/tahoe/services.nix | 4 --- modules/services/default.nix | 1 - modules/services/samba/default.nix | 52 -------------------------------------- profiles/samba.nix | 33 ++++++++++++++++++++++++ 5 files changed, 34 insertions(+), 57 deletions(-) delete mode 100644 modules/services/samba/default.nix create mode 100644 profiles/samba.nix diff --git a/hosts/tahoe/default.nix b/hosts/tahoe/default.nix index f3174e5..0f5dec0 100644 --- a/hosts/tahoe/default.nix +++ b/hosts/tahoe/default.nix @@ -13,6 +13,7 @@ in "${self}/profiles/acme.nix" "${self}/profiles/nginx.nix" "${self}/profiles/unifi.nix" + "${self}/profiles/samba.nix" "${self}/profiles/git-server.nix" "${self}/profiles/music-server.nix" "${self}/profiles/hardware/amd.nix" diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index b8a1b34..d49785b 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -7,10 +7,6 @@ in systemd.services.mdmonitor.enable = false; my.services = { - samba = { - enable = true; - publicShares = [ "/data/fast/music" "/data/fast/videos" ]; - }; monitoring = { prometheus = { enable = true; diff --git a/modules/services/default.nix b/modules/services/default.nix index d04e5cf..2cf7f86 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -4,7 +4,6 @@ imports = [ ./backup ./monitoring - ./samba ./sendsms ./syncthing ./transmission diff --git a/modules/services/samba/default.nix b/modules/services/samba/default.nix deleted file mode 100644 index 6dc6671..0000000 --- a/modules/services/samba/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, pkgs, lib, ... }: -let - cfg = config.my.services.samba; - makePublicShare = path: { - name = builtins.baseNameOf path; - value = { - inherit path; - browseable = "yes"; - writeable = "no"; - "guest ok" = "yes"; - "guest only" = "yes"; - "force user" = "nobody"; - }; - }; -in -{ - options.my.services.samba = with lib; { - enable = mkEnableOption "Samba"; - publicShares = mkOption { - type = with types; listOf str; - default = [ ]; - example = literalExample '' - [ - "/data/fast/music" - ] - ''; - description = "Which directories to share publicly"; - }; - }; - - config = lib.mkIf cfg.enable { - services.samba = { - enable = true; - securityType = "user"; - extraConfig = '' - workgroup = WORKGROUP - server string = tahoe - netbios name = tahoe - security = user - guest account = nobody - mangled names = no - client min protocol = SMB2 - map to guest = bad user - ntlm auth = true - ''; - shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares)); - }; - - networking.firewall.allowedTCPPorts = [ 445 139 ]; - networking.firewall.allowedUDPPorts = [ 137 138 ]; - }; -} diff --git a/profiles/samba.nix b/profiles/samba.nix new file mode 100644 index 0000000..d1f186b --- /dev/null +++ b/profiles/samba.nix @@ -0,0 +1,33 @@ +{ config, pkgs, lib, ... }: +let + makePublicShare = path: { + name = builtins.baseNameOf path; + value = { + inherit path; + browseable = "yes"; + writeable = "no"; + "guest ok" = "yes"; + "guest only" = "yes"; + "force user" = "nobody"; + }; + }; + publicShares = [ "/data/fast/music" "/data/fast/videos" ]; +in +{ + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/network-filesystems/samba.nix + services.samba = { + enable = true; + extraConfig = '' + workgroup = WORKGROUP + server string = tahoe + netbios name = tahoe + security = user + guest account = nobody + mangled names = no + client min protocol = SMB2 + map to guest = bad user + ntlm auth = true + ''; + shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares)); + }; +} -- cgit 1.4.1