From b83827eafdf082284a719b4c91bb55d06c0e5b15 Mon Sep 17 00:00:00 2001 From: Jimbo Date: Wed, 11 Sep 2024 00:59:16 -0400 Subject: [PATCH] Add Samba for edge-cases --- nixos/server.nix | 7 +++++-- nixos/server/nextcloud.nix | 2 +- nixos/server/samba.nix | 37 +++++++++++++++++++++++++++++++++++++ secrets.nix | Bin 2237 -> 2174 bytes 4 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 nixos/server/samba.nix diff --git a/nixos/server.nix b/nixos/server.nix index 02304a1..da5d15f 100644 --- a/nixos/server.nix +++ b/nixos/server.nix @@ -27,8 +27,6 @@ ./server/gitea.nix ./server/mailserver.nix ./server/mariadb.nix - ./server/nextcloud.nix - ./server/nfs.nix ./server/nginx.nix ./server/owncast.nix ./server/photoprism.nix @@ -38,6 +36,11 @@ ./server/wireguard.nix ./server/misc.nix + # File server + ./server/nextcloud.nix + ./server/nfs.nix + ./server/samba.nix + # Matrix ./server/synapse.nix ./server/element.nix diff --git a/nixos/server/nextcloud.nix b/nixos/server/nextcloud.nix index a553091..644bcb2 100644 --- a/nixos/server/nextcloud.nix +++ b/nixos/server/nextcloud.nix @@ -8,7 +8,7 @@ https = true; config = { adminuser = "jimbo"; - adminpassFile = "${pkgs.writeText "nextpass" outputs.secrets.nextcloudPass}"; + adminpassFile = "/mnt/nextcloud/password.txt"; }; settings = { trusted_proxies = [ "127.0.0.1" ]; diff --git a/nixos/server/samba.nix b/nixos/server/samba.nix new file mode 100644 index 0000000..29f5a89 --- /dev/null +++ b/nixos/server/samba.nix @@ -0,0 +1,37 @@ +{ + services = { + samba = { + enable = true; + securityType = "user"; + openFirewall = true; + extraConfig = let + ips = import ../modules/ips.nix; + in '' + workgroup = WORKGROUP + server string = JimSMB + security = user + hosts allow = ${ips.localSpan}. 127.0.0.1 localhost + hosts deny = 0.0.0.0/0 + guest account = nobody + map to guest = bad user + ''; + shares = { + roms = { + comment = "Samba share with my ROMs"; + path = "/export/JimboNFS/Downloads/GameFiles/ROMS"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + "create mask" = "0644"; + "directory mask" = "0755"; + }; + }; + }; + + # Advertise to Windows + samba-wsdd = { + enable = true; + openFirewall = true; + }; + }; +} diff --git a/secrets.nix b/secrets.nix index 72d7ab0a0b55ff14910713c5eb59cf7a87b393ce..b2f7f352eec323930d0bcce12c4d27a376b8c6c3 100644 GIT binary patch literal 2174 zcmV-^2!ZziM@dveQdv+`02Y4j0Gt4_>u`}&|7V^MUJno`0t!*#zuKP6oP5~HrtNO323VmuF62Z z*=|d?+PcaedB&{|6%U_fCZbndskyak6$ZHi&J@fkxQ6%C`_*xCL^3*|ZPm&O+9bio zp-QO3a_!}xd@+Z@A-2SuhACwLos*T51rb#DA>bv5n~t^V3Vb!`NI(^j`Lh-0C_U~u z2+u!d`+Uh893%v`1yao_!BPZl-pA4}%O@>c)5RoSZ4TE01=V%Vs=>RBdivDOeN|s>}#FM_t3nyJF77YF17N<3QeZc$rm zSyVf1_hy3`d~yJ~*)v_IIEG|2;uLh1E2mytNEh)iq`nHjf~*ZC8b@UgP$bm67BWzP zWx0`(0iFflndo);)9%jRqcC^3J_rrR_9>|hydJuPp5T!WxB8Awk;LgajdcH|sZ#Xh zEg$h$gSh{l8@mfvfohNRntS3mar7!QhT8mEtuZzsC)p=)FQy2DIQmRMZ1dORv?>4I zPGSGtMhKgpBvzF6H4U^Pzt=A)Kys}pYQ<9|VHOCljU{W_6^5c8K}}l3qk#3J+7;lI zAlwFHIOQs#3s}e}5#Yb&S7@5Q7q?wlEEibP$&1yBPl;IL#Q`!37~p8P$**BS4$Gy* zN*9#jIBYYUti*%jGa4}~NuwDHAuGN+=| z`v^%MGpY@Dug16y?YA{nPu;!t^_tqf&qengfQ&z?RiORKe%TN8vyj<=J+CnR?zjKC z0U(B8xnBUxu!OnkM9P0RZ-+P!OphF*=4<=IN~Nrc)H11SjmJk8ZiFt(0QW2vP9<|> zG7<(roCyDRChM=1Ns`&fg~BnWBNw&9ppTA*PQvdzWHHRdTRF31B$Fwl@8v`-cfE)9 zj1*D{lo7oTgzqdlx%ZYSInSp{AAS&#Oa3HDv9rt-g}r+qkM}n0(eTtoWV}`{s9gC-HyDeQS6$t*4(8?yDCNos7-Dy!{c_HO zhY%>}h2~xyT(ZW_wTqs#KW%==nBsyHicdjynDZ^@mvx1cPYnj_F zr0(KYz2Uhowfu@L&ZV+>hmKkyaJmvP;23)OufZC}t7hm?vev?4dh*9k*gQFxXM? z0xiRixK-g-{*U zbo>32g05b00#YnLiS-oLti0(G1{0k@0kZ%uEP&%Q0Z?XiIKXkFH~T0-5}US2@b93d z@`adDr(-a)w_!B1GmKfHYSpIc8X_cY&=xlLB56SsABRA^zG!d#Fu-`O2-zE?u?`?p zBti^>gtM7KbW15mNYG?qv=GUUR?#M8@V?Fx2!^hY{(>I{NVECr3WXHAOyx(vO}fpz zvfGUty)#5)SL^a6{VgQf6dZW?K?G0R8riIcg|K^86bR7;*!W>C$Zt44r`G8(GBgrN z?a!qC=x3_vKsI%&O+yq3sp8Y{_+RUHwYSo04uo=Hy@h2VUxY&xFhk0E7`5!#gJNyZ zw0kybqW@zZHc%HMha^TaR;pSr!3Wsr@MfX1@wL$`8xF+{ibJGhduU<$F*(&kDI=qs zH{&;y_afb&QoyfCFD?53$sKt_);Pee6$|^xKkCmtS@p}ceyb<^5DjcIMAC&W?J{A( zss~6pW|I`@@(`tOHX0$_70>6%rc+u*=nqg95KJ2pH^bL!zsmeI@;>-OySAKJfTk7XiPzt!J5GzhFwIp`T-s{|% zPtZ^akhKc}8R-QZNPKN=-1!tbB1)QcqsaI1xzGyjUt|m+PrD8xyn3lc>IV})YC9%> zX&+2V@=C2(pT|CtqJG7qTkKX7!mqmk@j1_M!6#Lq(>rDN6wxKyCb7bC5M0WKc83`V9 zsqFm%>+M9;6v>wsIB<;>lJGW1)3L54Mgz{t4WGqcq@5lS@hBl#W(#B8x1_7$Sr+NE zc#%TZhd@st;X5|XHQ&tAr1o-CR)DU>5o<8bH*L6$uBU6_pd(I>l}ZD?$HuuujZmVx zLDL$myhMOKLPC7e`wggwO$iG=Oi(Rm&>9}j`^!_C&-J5GsU+EgbfdB1nD{Cz)4&`dk(3e%xoezQ)EMv6bL`RnjpOVmuY}1; zV=B)$;+>XCU@4%oe=63y+S{^ZV1$W}E!(&svnAY;ZvE{A{EuF-NE0Setth&OypNi{ z5fw+Wm{w=G#KJ-{5!#vPfycQ-R;`9sc+<)bSZ@%Rj^WlEQQ)qKe*q#IYZ0=NWO=ZK zoxAkV7vDhoL*8s?le(AD!hlC@G;y=Yn{;oW+xQAs*lr4Pmg)^7Ds0)`+5mklp-4e; zfaMc^=1}>9DyXO|<}+lwXhJQQP~KAqdU&-2Hmrh7OyCVGV`(=Zz>p1ricX(VB#(}e zv`Bnd{C)XXcAvutUSr7xvv0S$*R++pC0Sd4rZY*~cA{vnM#F^ymV`*9w!b$A9*0Y>v9UV+#83dG_)jY%iMwx5Tr$Q$s*mUf?v%UuSTZ|Ij+y4?Qv6eeQ;iQGZw z>nk`8h+Q9Wt?};L6vplfC5}GHI#bkPbTFOelMa`)%x5=E3Hw&~-YS;rZ%I%_74ZSn zH(L5Ob;p3XHSOf`#BlyChcv;CDg$2^N~AATiFXbn%6l(~>k!9a1WIhsOzi0c!=-f4 z%39a))UeCwd+q0=((wI*nmNX&3~mJ=o?Ky_p93IfiX4R`H=K%8=LrdS=ca%le0wu$ zaZG<jeTZpweQhlVs5mn>sfY_eS}D%|qM^$dDnWr<76e1W)@FAjaB(J@xW z^m$YjB*Z^t>)9eWMT&By7qN?6+B}W^)J}tG;X11nnM?~+YVY%&kbZ4lSI^%I=ZyLi z7In4U*<{elurnE%G-Sud5>Sh=5<-KVx*D;7$DLJQ?5f<g08Tej^ru=p7dKcQgvp5?Z)@|jY98MOxDs&pO8Zr& zNOA5YV95I6F0BVh4*@Z(1DN{Vyr)sj%0AOMA(S3Yj-LjoDVr4{^C^3e^~>{vn{WiG zOu2S_k+nh9S2XHm$~^pO?%w?6yod_pVLrx%{SI$b?kK`WV1fX$fO&DSwRqT%T)dst zF%4=(~BUGXp9${2qCuu54SeJg{sBo6aV^f>0=%QW#X+E-MZI8SaCmKwsG@@w~aGmU^ z#JJ~ZPFi%5HP(UM*X54W(y+9~gH{T3CA(O55Np^*lbY8?qq01zUPoo(u;Ceq8^XSE z)kIAf9g%2vOCx<3Gprqnx*BntP;-kb4L6S5evh4@C;vQW=GY*z1m1$@=9e7toqy(? zxwOlAnwP8^Oq07D7;mJmNcf5@h+0=Mf(*l9dt62`^ArF$gO7c_HA3HjJ6{3ht&KMx zlp|~KBaLQeA6!FBra5@{a`Atfc0AL0`H#;EvtO3bAdMRi)eqnwWh{^tn}@pX6-~ju z-pl;_KG&PkbR_a-a?>4>qyvN|$llkQj|#fPwQ({lq*W7OwS6?|Hj~atg^J%42HkUg zZ`pV$w3;gsIRPreDPRt^ISW(J=QzkV+-mBzx%Mx5yqoUz-CDy-BaiV`R$spz3 z7!v*yJi652ydNa|aC!x46+)E=49$mn^S_LkFl<%jr(e$4?m)_%c8i#JeNnfA;ecH` z;2I>34`%^m+W`cshNo|Ma(X`2keP*SmsFcJes}roZA5IoyLT=-cBVJ2vwK^ zoOaG8ii#5+vgqHWnKEtryoXT0800U%)bpJuXM0pPQhB86S&R)3ou>*pi(;Ga4e0XC z2M|wKIrYqukrdWtBUB+^K(zowP4M)v7@4MDsLHbm;LG z7AQ_y?>l|j(l(0Ttk|@HL|)`QZ@k2cGiRf$C(t~i@U?M!p5Q7s5VY)V{*F{DsBb;k z>bOvJN6=gvoA9!QyO1$>0om-i-L Ltok-tOGH8(?srA3