about summary refs log tree commit diff
path: root/modules/services/samba/default.nix
blob: 6dc66713260d363d369b7e19bd4abc157d2e2ce6 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{ config, pkgs, lib, ... }:
let
  cfg = config.my.services.samba;
  makePublicShare = path: {
    name = builtins.baseNameOf path;
    value = {
      inherit path;
      browseable = "yes";
      writeable = "no";
      "guest ok" = "yes";
      "guest only" = "yes";
      "force user" = "nobody";
    };
  };
in
{
  options.my.services.samba = with lib; {
    enable = mkEnableOption "Samba";
    publicShares = mkOption {
      type = with types; listOf str;
      default = [ ];
      example = literalExample ''
        [
          "/data/fast/music"
        ]
      '';
      description = "Which directories to share publicly";
    };
  };

  config = lib.mkIf cfg.enable {
    services.samba = {
      enable = true;
      securityType = "user";
      extraConfig = ''
        workgroup = WORKGROUP
        server string = tahoe
        netbios name = tahoe
        security = user
        guest account = nobody
        mangled names = no
        client min protocol = SMB2
        map to guest = bad user
        ntlm auth = true
      '';
      shares = with lib; (listToAttrs (map makePublicShare cfg.publicShares));
    };

    networking.firewall.allowedTCPPorts = [ 445 139 ];
    networking.firewall.allowedUDPPorts = [ 137 138 ];
  };
}