From b83827eafdf082284a719b4c91bb55d06c0e5b15 Mon Sep 17 00:00:00 2001 From: Jimbo Date: Wed, 11 Sep 2024 00:59:16 -0400 Subject: [PATCH] Add Samba for edge-cases --- nixos/server.nix | 7 +++++-- nixos/server/nextcloud.nix | 2 +- nixos/server/samba.nix | 37 +++++++++++++++++++++++++++++++++++++ secrets.nix | Bin 2237 -> 2174 bytes 4 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 nixos/server/samba.nix diff --git a/nixos/server.nix b/nixos/server.nix index 02304a16..da5d15f1 100644 --- a/nixos/server.nix +++ b/nixos/server.nix @@ -27,8 +27,6 @@ ./server/gitea.nix ./server/mailserver.nix ./server/mariadb.nix - ./server/nextcloud.nix - ./server/nfs.nix ./server/nginx.nix ./server/owncast.nix ./server/photoprism.nix @@ -38,6 +36,11 @@ ./server/wireguard.nix ./server/misc.nix + # File server + ./server/nextcloud.nix + ./server/nfs.nix + ./server/samba.nix + # Matrix ./server/synapse.nix ./server/element.nix diff --git a/nixos/server/nextcloud.nix b/nixos/server/nextcloud.nix index a5530917..644bcb22 100644 --- a/nixos/server/nextcloud.nix +++ b/nixos/server/nextcloud.nix @@ -8,7 +8,7 @@ https = true; config = { adminuser = "jimbo"; - adminpassFile = "${pkgs.writeText "nextpass" outputs.secrets.nextcloudPass}"; + adminpassFile = "/mnt/nextcloud/password.txt"; }; settings = { trusted_proxies = [ "127.0.0.1" ]; diff --git a/nixos/server/samba.nix b/nixos/server/samba.nix new file mode 100644 index 00000000..29f5a891 --- /dev/null +++ b/nixos/server/samba.nix @@ -0,0 +1,37 @@ +{ + services = { + samba = { + enable = true; + securityType = "user"; + openFirewall = true; + extraConfig = let + ips = import ../modules/ips.nix; + in '' + workgroup = WORKGROUP + server string = JimSMB + security = user + hosts allow = ${ips.localSpan}. 127.0.0.1 localhost + hosts deny = 0.0.0.0/0 + guest account = nobody + map to guest = bad user + ''; + shares = { + roms = { + comment = "Samba share with my ROMs"; + path = "/export/JimboNFS/Downloads/GameFiles/ROMS"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + "create mask" = "0644"; + "directory mask" = "0755"; + }; + }; + }; + + # Advertise to Windows + samba-wsdd = { + enable = true; + openFirewall = true; + }; + }; +} diff --git a/secrets.nix b/secrets.nix index 72d7ab0a0b55ff14910713c5eb59cf7a87b393ce..b2f7f352eec323930d0bcce12c4d27a376b8c6c3 100644 GIT binary patch literal 2174 zcmZQ@_Y83kiVO&05UYF3Fo$8&>w<|P|I_CQ#PJJgFmVMw+<$A{nRyP;5{817y;*go z*1s*b$*q4jd-ujV>ldkC_cSM!>mOcpw>GBKyxVnqs9eSJmE4QWZugzx%vdeF?v%s6 zn|a($b8s}7#J z>Fv_+aMCd=eT6%p3a2k|`0v}kPd)QUuT@BHUYurxh|sDt99HhJhfnNII(H;1%#Y)- z!@bgq*&TBAm(R+3wzbwVu((V#XOfR%zO*o^Y9UXjP&zi^(>)h{Y&5|`m47+X`$1b;MOEGyQQZiM0d0e!I_(y{! z`?&Tut>IOba!=(8P`R>4%qXBCb?3xMjPqFU&wNq(>+-vE_ZAzJZ@1&%J^oE|CC?tY zUCr|zOyuAGtIu!Zk(ZXeCI6SM4Epj!SN>yo^N#;>rFV0OH)i#JnN|JByzq;bN!zVI zQELs&6xDC47wRwLXtDU^OMJ>hiyY(GYmPKOGL|yb_FOE< zt!Ts*`6Y8ZkF$dKt@dsCqTdR`54J}$d;2S~-*B=sYIsx`;HujC{Qada;pg6aB~Km* z{UMn6e(LHV-L>7VEGnYUpGXAxG5GITc-AGSC*3^JddP5@viR1+3;O%o{0_ahNijTgB-(OwvdU!5#qXcG=$7wo|JEZC#5qN9 zFMrE>9m}2Hr)gTAU+yhmCos|bpNi)ePQ_~dA0=-OKG?l`=|Nt1OTNRYy#Mzv)H!Xg z{Bo;8d+Xk6h5qkmZ!Uhg;+nE2On*hpPY-j6?kVB1cQ^4pd&aHt^c06gQu)HaMdzB^ z1vFl?K8ury*>vpO*6w**>~rf*&Un=1?Xq7upqDpJDCCw8zs?Rp|0xTnT-VT;;c`oj z*;A~a@u?}}V{5mUa-s9E!H zR`cejDL=Aj-qu_4?ors@hdW(OHfrzCnCg&wxc~W70V(@m&IkT1y>?)i=t}dLi$RI* zw^)MvZ_GX&QRP3Ub?cN5QzOr*JiHh9FmO+~aN^#d`)=P6SKPI3N&Y@B$-dl48JAMp zSc>i^o@>xwFPJ4{D5-aHRWjr2CEh$&{=7E5^W;MUtK6Obr#TbDMDK3$KInXxDojA33mt2r{%EmhP&4ubr#b zcYj^k^{rHBbS>H+$)+vm4jN9_l$Qc<%mRBgs3T!!H{z zl88I=cN#v@LWg6 z%?x@v4UbJ21JX(?4iqji|E=LDG<%!JhxZGXerlZ&xIEcl^Y%oO&Bi^Ei?XgRdnu)) zl5;`K?7LE?qlkRF!=8N^`F{-#RIKB;DZOMPpF*&T6Hjx?=9x|<-kR zyQr4(Vc$6+j<$9E|C;34JU0J)$<->d+vlnKe&1bZ_iVb|E4|m)B_;gzC)K~YDmO)B zDtRZ;o}*>Ak~khXBs$E_E2r1_5Wb~!IeuFgpOWoUWTSyOrOZ1czFQ@$(RogZ{y zy{EqJZ-$eyl`hvT4y+aB{(aK^)p^^ zeiB%kZziR9SM>bzlgomm++Oepgtgx>kKgW}aDeMluAS%h265?)_hJt(iR_5|{wK2Z zP|Jpbc(-?UZ#Lci!rQ%mV< z0Oy3Q+)R=$S*1N{a&zze6tPnBnpLv+#P^RoFL1q$PvKGY-_57Ar)s6^D|TV~ENiv; zOnD!#PhM*y<{!74xTx;vqUbka!iU!HX834%zTlvG=z`1EsozB|s@{I8u{(hKcDm># zouf~+9nLDAR-4;Y8Fy3sr)f(6)QJ;$H_T__U8DR-V|5X$=kkk!_2mjnpDqjaS@ros HWK0kMk}Mq0 literal 2237 zcmZQ@_Y83kiVO&0*!h9Cd&x`DMKTq8N-U3Z7Ybi_c5AEo%;J=LelBHS6(l+3idVk* z%k=uK%N3E6)5R6NT?-r~{RXUw z9>QvYYc+PY@9CelUr^M2(~Pk6oktEi842E+`J(aoPM5H?ZDAFcPw_?M3(V+ycugko z!McumMkT3i!A+A=DmS#w-Tmc)_iD<{tFpD2kUBa`YUxtNzONNEs>BbcVcw=tQ^;P{TJ7fN4CA5>W8+?Z(nml z`oqy_W%GMZ$Fj}He=$95*PVagMbwfRI`23>f30o7*AXjUu=eA-+akx_ajEv%owN$R zl2~Fe_vvK5>08gFoBMM94*PLWYuc-P&j2^kkBpbiqkfr{9&gxT`u54EBL)9-+f5Gk zX)(u(do9rq=`80{I#sRT`C8z30*hD91)n!BnGY{5xo|4#`o}99PQR#r`+V`G4}Y6y zSsq)?lgFwsFD7yBd}f8TE}2#p^Eq81&pA2EpD$}rsHry2D)gyO^nCt^DN^Ftiu_ln zetx~4J@eNO)(vSDnU3e=eLv3->bMm(A$PuunO;oj)1wxA=Nz3M?%>~R^d#VP!IIs| zZZV&k3a?DeTq9>C@H=q9dI?iD`8273L*knjygzX8Qs$zYq9=DSeBEw(c-y7g zj?B{9TwV4R7RKf)JGdR9G|&Bi>frDFm8U8`wbT1_P2-Mf`h2xZFB*m&`%)Pqs&d3W z<@HS^3)ilqCE^>qV{X~>{=4GWocYjdwa82#?$E6FpXW`e%Z&{`f1mq#&o3dd(ye!H zrd&9+!B}#pNy_nKLIK?yg`Aq_?2_8paC~lP{F_yGt}MN0qs-iX`^AdMm$Nf|{1^Q` z^5B1ivd+;+Fu3?_>>+YWAfoD$HUA9!5BInmPpKXQaY*D4pn$`VZPk(Nn zUBI%+XJ=XM#I253!%beLoU-|o`R?AIr+YfM9w*uzYyHcYAM#G)kXu3%!={GH!VOz1 zZuH0OnS0exEzw}f_WSH^_di6KkDBjgV_DPn-&hU}iX?>H&8w!_Co?yv! zQujxzuFOjg7Iwih9jDNi-8I>~OSMk8$t-!(UpU*o`JrRQjLmeW#@B7ey`j~`t+9Z}(iO+1Gat7F`Z zK8r9|H22r;Gj+P(U>(o+WNojx+!W>P56Zo1Y4S17KFcgCeiVJIpH*gax$wa5z6bZ+JN@U6-SycQOH@9k6wn$K>leSji`pQ5y1l}7 ziqgpseeXWLX+6KV?Q-LX?S7tG9fmP~fBnAI%i$~{bN$z;$7gR`i#mI7)>$v><{vw( zA{QPqn)@VV*Ds;;8Pnp7trEU#*w$IyoPAU`*2es%pK+a1-S^;ypV>`=cE4k^<`tjf zQ$8Uk=S63Qla_?`9 z-x;O)h`>_~!D^;X_f|hCJ1rCwzIf5Y64h(_{R8=X{mdRIc|pRmoYD-ZU_tNbab zV$BqFn##d*w!P}}{+<~IIiXLN$Dh0L&f(OYvhEobwSn84A2!5VKaf)C<4L^2&YG0kSy-mi0RGrXI7tYzChKUFb~&>75g%Fd~EbqULD zdU1crOrzZ2d)fmINIcQsf93OB_4Mix^PtKluOfSR1?Dd2vg}Tp{hs&5r?cz={t=d6 z&rF;s(RbwOlfQY&A&LnOTNzvesso%FyXU>g$jx`?kCakVS@ku@_2IcW`4^VgbeI2Y zyKCyY=3i5h(gEhUWv*h<)8nnvW^UE@>#!_u^<%fa(eEd8`Qg=74sTsPoA{T!_$Vf( z;TQGZy7uNJv#xtKAMleb`!9J@0{*xxkh;x&Qh?v{&TY z-gvbmpv3(`jMVJ!n~qQSJ(acZeCwk4&(~R+^Q!u;s&*v1f#2*$IM*T UnwD$RzpKTs`DGUA?cyW@0Pc51tN;K2