2024-08-29 03:26:04 +02:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}:
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
|
with lib;
|
2023-07-03 09:39:14 +02:00
|
|
|
with types;
|
2019-10-24 02:20:38 +02:00
|
|
|
let
|
2024-03-03 09:59:17 +01:00
|
|
|
cfg = config.samba-share;
|
2021-11-01 09:20:42 +01:00
|
|
|
in
|
|
|
|
|
{
|
2019-10-24 02:20:38 +02:00
|
|
|
|
2024-03-03 09:59:17 +01:00
|
|
|
options.samba-share = {
|
2023-10-20 08:46:57 +02:00
|
|
|
openPorts = mkEnableOption "open samba ports everywher";
|
2024-03-03 09:59:17 +01:00
|
|
|
enable = mkEnableOption "enable samba-share";
|
2023-07-03 09:39:14 +02:00
|
|
|
enableWSDD = mkEnableOption "enable services.samba-wsdd.enable";
|
|
|
|
|
guestUser = mkOption {
|
|
|
|
|
default = "media";
|
|
|
|
|
type = str;
|
|
|
|
|
description = ''
|
|
|
|
|
user name a guest users uses.
|
|
|
|
|
'';
|
|
|
|
|
};
|
2019-10-24 02:20:38 +02:00
|
|
|
folders = mkOption {
|
2020-04-10 15:08:33 +02:00
|
|
|
default = { };
|
2019-10-24 02:20:38 +02:00
|
|
|
type = with types; attrsOf str;
|
|
|
|
|
description = ''
|
|
|
|
|
folders to share as readonly
|
|
|
|
|
'';
|
2024-08-29 03:26:04 +02:00
|
|
|
example = {
|
|
|
|
|
public = "/srv/downloads/movies";
|
|
|
|
|
};
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
2020-04-10 15:08:33 +02:00
|
|
|
private = mkOption {
|
|
|
|
|
default = { };
|
2024-08-29 03:26:04 +02:00
|
|
|
type =
|
|
|
|
|
with types;
|
2020-04-10 15:08:33 +02:00
|
|
|
attrsOf (submodule {
|
|
|
|
|
options = {
|
|
|
|
|
users = mkOption {
|
|
|
|
|
type = with types; str;
|
|
|
|
|
description = ''
|
|
|
|
|
System users allowed to access the folder.
|
|
|
|
|
To set password:
|
2020-05-15 17:24:38 +02:00
|
|
|
# nix-shell -p samba
|
2020-04-10 15:08:33 +02:00
|
|
|
# smbpasswd -a <user>
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
folder = mkOption { type = with types; str; };
|
|
|
|
|
};
|
|
|
|
|
});
|
|
|
|
|
};
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = mkMerge [
|
2020-04-10 15:08:33 +02:00
|
|
|
|
2019-10-24 02:20:38 +02:00
|
|
|
(mkIf cfg.enable {
|
2020-04-10 15:08:33 +02:00
|
|
|
|
2019-10-24 02:20:38 +02:00
|
|
|
services.samba = {
|
|
|
|
|
enable = true;
|
|
|
|
|
# services.samba.securityType = "share";
|
2024-09-14 03:51:15 +02:00
|
|
|
settings = {
|
|
|
|
|
"guest account" = cfg.guestUser;
|
|
|
|
|
"map to guest" = "bad user";
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
|
# disable printing
|
2024-09-14 03:51:15 +02:00
|
|
|
"load printers" = "no";
|
|
|
|
|
"printing" = "bsd";
|
|
|
|
|
"printcap name" = "/dev/null";
|
|
|
|
|
"disable spoolss" = "yes";
|
|
|
|
|
};
|
|
|
|
|
#extraConfig = ''
|
|
|
|
|
# guest account = ${cfg.guestUser}
|
|
|
|
|
# map to guest = bad user
|
|
|
|
|
# # disable printing
|
|
|
|
|
# load printers = no
|
|
|
|
|
# printing = bsd
|
|
|
|
|
# printcap name = /dev/null
|
|
|
|
|
# disable spoolss = yes
|
|
|
|
|
#'';
|
2019-10-24 02:20:38 +02:00
|
|
|
|
2024-08-29 03:26:04 +02:00
|
|
|
shares =
|
|
|
|
|
mapAttrs' (name: path: {
|
2020-04-10 15:08:33 +02:00
|
|
|
name = name;
|
|
|
|
|
value = {
|
|
|
|
|
browsable = "yes";
|
|
|
|
|
comment = "read only share ${name}";
|
2021-11-01 09:20:42 +01:00
|
|
|
path = path;
|
|
|
|
|
"read only" = "yes";
|
|
|
|
|
"guest ok" = "yes";
|
2020-04-10 15:08:33 +02:00
|
|
|
};
|
2024-08-29 03:26:04 +02:00
|
|
|
}) cfg.folders
|
|
|
|
|
// (mapAttrs' (
|
|
|
|
|
name:
|
|
|
|
|
{ users, folder, ... }:
|
|
|
|
|
{
|
2021-11-01 09:20:42 +01:00
|
|
|
name = name;
|
|
|
|
|
value = {
|
|
|
|
|
browsable = "yes";
|
2023-04-19 07:31:34 +02:00
|
|
|
comment = "read write share ${name}";
|
2021-11-01 09:20:42 +01:00
|
|
|
path = folder;
|
|
|
|
|
"valid users" = users;
|
2023-04-19 07:31:34 +02:00
|
|
|
"read only" = "no";
|
|
|
|
|
"guest ok" = "no";
|
2021-11-01 09:20:42 +01:00
|
|
|
};
|
2024-08-29 03:26:04 +02:00
|
|
|
}
|
|
|
|
|
) cfg.private);
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
|
|
|
|
|
2023-07-03 09:39:14 +02:00
|
|
|
#users.users.smbguest = {
|
|
|
|
|
# name = "smbguest";
|
|
|
|
|
# uid = config.ids.uids.smbguest;
|
|
|
|
|
# description = "smb guest user";
|
|
|
|
|
# home = "/home/smbguest";
|
|
|
|
|
# createHome = true;
|
|
|
|
|
# group = "smbguest";
|
|
|
|
|
#};
|
|
|
|
|
#users.groups.smbguest = { };
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
|
})
|
2023-10-20 08:46:57 +02:00
|
|
|
|
2019-12-21 12:33:28 +01:00
|
|
|
# todo : maybe better to have a parameter for this
|
2020-11-21 18:56:11 +01:00
|
|
|
(mkIf config.services.syncthing.enable {
|
2019-12-21 12:33:28 +01:00
|
|
|
users.groups."syncthing".members = [ "smbguest" ];
|
2019-10-24 02:20:38 +02:00
|
|
|
})
|
2023-07-03 09:39:14 +02:00
|
|
|
|
2023-10-20 08:46:57 +02:00
|
|
|
(mkIf cfg.openPorts {
|
2024-08-29 03:26:04 +02:00
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
|
445
|
|
|
|
|
139
|
|
|
|
|
5357
|
|
|
|
|
];
|
|
|
|
|
networking.firewall.allowedUDPPorts = [
|
|
|
|
|
137
|
|
|
|
|
138
|
|
|
|
|
3702
|
|
|
|
|
];
|
2023-10-20 08:46:57 +02:00
|
|
|
})
|
|
|
|
|
|
2023-07-03 09:39:14 +02:00
|
|
|
(mkIf cfg.enableWSDD {
|
|
|
|
|
services.samba-wsdd.enable = true;
|
|
|
|
|
services.samba-wsdd.discovery = true;
|
2023-10-20 08:46:57 +02:00
|
|
|
})
|
2019-10-24 02:20:38 +02:00
|
|
|
];
|
|
|
|
|
}
|
