mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
f8a86f9b29d0120a89559ed6fa86f3909e87dd8a
nix-config/modules/nixos/services/samba/default.nix
mjallen18 a925fccda1 couple fixes
2026-03-17 19:16:31 -05:00

75 lines
2.0 KiB
Nix
Executable File
Raw Blame History

{
lib,
config,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.samba;
makeShare =
name: share:
let
isTimeMachine = share.enableTimeMachine;
baseAttrs = {
path = share.sharePath;
browseable = if share.browseable then "yes" else "no";
"read only" = if share.readOnly then "yes" else "no";
"guest ok" = if share.guestOk then "yes" else "no";
"create mask" = share.createMask;
"directory mask" = share.directoryMask;
}
// optionalAttrs (cfg.forceGroup != "") { "force group" = cfg.forceGroup; }
// optionalAttrs (cfg.forceUser != "") { "force user" = cfg.forceUser; };
timeMachineAttrs = {
"vfs objects" = "catia fruit streams_xattr";
"fruit:aapl" = "yes";
"fruit:time machine" = "yes";
}
// optionalAttrs (share.timeMachineMaxSize != "") {
"fruit:time machine max size" = share.timeMachineMaxSize;
};
in
nameValuePair name (baseAttrs // optionalAttrs isTimeMachine timeMachineAttrs);
sambaShares = mapAttrs' makeShare cfg.shares;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
# Make shares visible for Windows clients via WS-Discovery
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.samba = {
enable = true;
openFirewall = true;
nsswins = true;
nmbd.enable = true;
settings = {
global = {
workgroup = "WORKGROUP";
"server string" = config.networking.hostName;
"netbios name" = config.networking.hostName;
security = "user";
"hosts allow" = cfg.hostsAllow;
"hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
}
// optionalAttrs cfg.enableTimeMachine {
# Required globals for macOS Time Machine over SMB3
"fruit:aapl" = "yes";
"fruit:model" = "MacSamba";
};
}
// sambaShares;
};
};
}
Reference in New Issue View Git Blame Copy Permalink