blob: b5d150de4604479a3c5ba3ea9795bd529f1eeb78 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
{ config, pkgs, lib, ... }:
let
cfg = config.my.services.samba;
makePublicShare = path: {
name = builtins.baseNameOf path;
value = {
inherit path;
browseable = "yes";
writeable = "no";
"guest ok" = "yes";
"guest only" = "yes";
"force user" = "nobody";
};
};
in {
options.my.services.samba = with lib; {
enable = mkEnableOption "Samba";
publicShares = mkOption {
type = with types; listOf str;
default = [ ];
example = literalExample ''
[
"/data/fast/music"
]
'';
description = "Which directories to share publicly";
};
};
config = lib.mkIf cfg.enable {
services.samba = {
enable = true;
securityType = "user";
extraConfig = ''
workgroup = WORKGROUP
server string = tahoe
netbios name = tahoe
security = user
guest account = nobody
mangled names = no
client min protocol = SMB2
map to guest = bad user
ntlm auth = true
'';
shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares));
};
networking.firewall.allowedTCPPorts = [ 445 139 ];
networking.firewall.allowedUDPPorts = [ 137 138 ];
};
}
|
