74 lines
1.9 KiB
Nix
Executable File
74 lines
1.9 KiB
Nix
Executable File
{
|
|
lib,
|
|
config,
|
|
namespace,
|
|
...
|
|
}:
|
|
with lib;
|
|
let
|
|
cfg = config.${namespace}.samba;
|
|
|
|
makeShare =
|
|
name: share:
|
|
let
|
|
isTimeMachine = share.enableTimeMachine;
|
|
baseAttrs = {
|
|
path = share.sharePath;
|
|
browseable = if share.browseable then "yes" else "no";
|
|
"read only" = if share.readOnly then "yes" else "no";
|
|
"guest ok" = if share.guestOk then "yes" else "no";
|
|
"create mask" = share.createMask;
|
|
"directory mask" = share.directoryMask;
|
|
}
|
|
// optionalAttrs (cfg.forceGroup != "") { "force group" = cfg.forceGroup; };
|
|
|
|
timeMachineAttrs = {
|
|
"vfs objects" = "catia fruit streams_xattr";
|
|
"fruit:aapl" = "yes";
|
|
"fruit:time machine" = "yes";
|
|
}
|
|
// optionalAttrs (share.timeMachineMaxSize != "") {
|
|
"fruit:time machine max size" = share.timeMachineMaxSize;
|
|
};
|
|
in
|
|
nameValuePair name (baseAttrs // optionalAttrs isTimeMachine timeMachineAttrs);
|
|
|
|
sambaShares = mapAttrs' makeShare cfg.shares;
|
|
in
|
|
{
|
|
imports = [ ./options.nix ];
|
|
|
|
config = mkIf cfg.enable {
|
|
# Make shares visible for Windows clients via WS-Discovery
|
|
services.samba-wsdd = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
|
|
services.samba = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
nsswins = true;
|
|
nmbd.enable = true;
|
|
settings = {
|
|
global = {
|
|
workgroup = "WORKGROUP";
|
|
"server string" = config.networking.hostName;
|
|
"netbios name" = config.networking.hostName;
|
|
security = "user";
|
|
"hosts allow" = cfg.hostsAllow;
|
|
"hosts deny" = "0.0.0.0/0";
|
|
"guest account" = "nobody";
|
|
"map to guest" = "bad user";
|
|
}
|
|
// optionalAttrs cfg.enableTimeMachine {
|
|
# Required globals for macOS Time Machine over SMB3
|
|
"fruit:aapl" = "yes";
|
|
"fruit:model" = "MacSamba";
|
|
};
|
|
}
|
|
// sambaShares;
|
|
};
|
|
};
|
|
}
|