75 lines
2.1 KiB
Nix
Executable File
75 lines
2.1 KiB
Nix
Executable File
{ lib, config, ... }:
|
|
with lib;
|
|
let
|
|
cfg = config.nas-samba;
|
|
sambaShares =
|
|
let
|
|
make =
|
|
name: share:
|
|
nameValuePair "${name}" {
|
|
path = share.sharePath;
|
|
public = if share.enableTimeMachine then "no" else "yes";
|
|
browseable = if share.browseable then "yes" else "no";
|
|
writable = "yes";
|
|
"force group" = "jallen-nas";
|
|
"read only" = if share.readOnly then "yes" else "no";
|
|
"guest ok" = if share.guestOk then "yes" else "no";
|
|
"create mask" = share.createMask;
|
|
"directory mask" = share.directoryMask;
|
|
"fruit:aapl" = if share.enableTimeMachine then "yes" else "no";
|
|
"fruit:time machine" = if share.enableTimeMachine then "yes" else "no";
|
|
"vfs objects" = "catia fruit streams_xattr";
|
|
"fruit:time machine max size" = share.timeMachineMaxSize;
|
|
};
|
|
in
|
|
mapAttrs' make cfg.shares;
|
|
in
|
|
{
|
|
imports = [ ./options.nix ];
|
|
|
|
config = mkIf cfg.enable {
|
|
# make shares visible for Windows clients
|
|
services.samba-wsdd = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
|
|
services.netatalk = {
|
|
enable = cfg.enableTimeMachine;
|
|
settings = {
|
|
time-machine = {
|
|
path = cfg.timeMachinePath;
|
|
"valid users" = "whoever";
|
|
"time machine" = cfg.enableTimeMachine;
|
|
};
|
|
};
|
|
};
|
|
|
|
networking.firewall.enable = true;
|
|
networking.firewall.allowPing = true;
|
|
|
|
services.samba = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
nsswins = true;
|
|
nmbd.enable = true;
|
|
settings = {
|
|
global = {
|
|
"workgroup" = "WORKGROUP";
|
|
"server string" = "Jallen-NAS";
|
|
"netbios name" = "Jallen-NAS";
|
|
"security" = "user";
|
|
#"use sendfile" = "yes";
|
|
#"max protocol" = "smb2";
|
|
# note: localhost is the ipv6 localhost ::1
|
|
"hosts allow" = "10.0.1. 127.0.0.1 localhost";
|
|
"hosts deny" = "0.0.0.0/0";
|
|
"guest account" = "nobody";
|
|
"map to guest" = "bad user";
|
|
};
|
|
}
|
|
// sambaShares;
|
|
};
|
|
};
|
|
}
|