nixberry: move samba to its own file
This commit is contained in:
parent
1a454a6c50
commit
a64b6a9e60
GPG key ID:
249300664F2AF2C7
2 changed files with 73 additions and 68 deletions
|
|
@ -8,7 +8,6 @@ topLevel: {
|
|||
...
|
||||
}:
|
||||
let
|
||||
|
||||
ipAddress = "192.168.178.2";
|
||||
sopsFile = ../../../secrets/secrets-nixberry.yaml;
|
||||
in
|
||||
|
|
@ -287,72 +286,5 @@ topLevel: {
|
|||
};
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
sops.secrets = {
|
||||
"samba/cholli" = {
|
||||
sopsFile = ../../../secrets/secrets.yaml;
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
samba = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
|
||||
settings = {
|
||||
global = {
|
||||
"smb3 unix extensions" = "yes";
|
||||
};
|
||||
|
||||
cholli = {
|
||||
path = "/storage/cholli";
|
||||
browsable = "yes";
|
||||
writable = "yes";
|
||||
"create mask" = "0664";
|
||||
"directory mask" = "0775";
|
||||
"force group" = "users";
|
||||
};
|
||||
|
||||
kaman = {
|
||||
path = "/storage/kaman";
|
||||
browsable = "yes";
|
||||
writable = "yes";
|
||||
"create mask" = "0664";
|
||||
"directory mask" = "0775";
|
||||
"force group" = "users";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
avahi.enable = true;
|
||||
samba-wsdd = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
|
||||
# add user passwords
|
||||
systemd.services.samba-smbd.postStart =
|
||||
let
|
||||
users = [
|
||||
"cholli"
|
||||
];
|
||||
setupUser =
|
||||
user:
|
||||
let
|
||||
passwordPath = config.sops.secrets."samba/${user}".path;
|
||||
smbpasswd = "${config.services.samba.package}/bin/smbpasswd";
|
||||
in
|
||||
''
|
||||
(echo $(< ${passwordPath});
|
||||
echo $(< ${passwordPath})) | \
|
||||
${smbpasswd} -s -a ${user}
|
||||
'';
|
||||
in
|
||||
''
|
||||
${builtins.concatStringsSep "\n" (map setupUser users)}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue