Daholli/nixos-config
1
0
Fork 0
Code Issues 2 Pull requests Releases Packages Activity Actions

nixberry: move samba to its own file

Browse source
This commit is contained in:
Christoph Hollizeck 2025-12-04 16:32:25 +01:00
parent 1a454a6c50
commit a64b6a9e60
Signed by: Daholli
GPG key ID: 249300664F2AF2C7
2 changed files with 73 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

68
modules/hosts/nixberry/default.nix
View file

@ -8,7 +8,6 @@ topLevel: {
... ...
}: }:
let let
ipAddress = "192.168.178.2"; ipAddress = "192.168.178.2";
sopsFile = ../../../secrets/secrets-nixberry.yaml; sopsFile = ../../../secrets/secrets-nixberry.yaml;
in in
@ -287,72 +286,5 @@ topLevel: {
}; };
openFirewall = true; openFirewall = true;
}; };
sops.secrets = {
"samba/cholli" = {
sopsFile = ../../../secrets/secrets.yaml;
};
};
services = {
samba = {
enable = true;
openFirewall = true;
settings = {
global = {
"smb3 unix extensions" = "yes";
};
cholli = {
path = "/storage/cholli";
browsable = "yes";
writable = "yes";
"create mask" = "0664";
"directory mask" = "0775";
"force group" = "users";
};
kaman = {
path = "/storage/kaman";
browsable = "yes";
writable = "yes";
"create mask" = "0664";
"directory mask" = "0775";
"force group" = "users";
};
};
};
avahi.enable = true;
samba-wsdd = {
enable = true;
openFirewall = true;
};
};
# add user passwords
systemd.services.samba-smbd.postStart =
let
users = [
"cholli"
];
setupUser =
user:
let
passwordPath = config.sops.secrets."samba/${user}".path;
smbpasswd = "${config.services.samba.package}/bin/smbpasswd";
in
''
(echo $(< ${passwordPath});
echo $(< ${passwordPath})) | \
${smbpasswd} -s -a ${user}
'';
in
''
${builtins.concatStringsSep "\n" (map setupUser users)}
'';
}; };
} }

73
modules/hosts/nixberry/samba.nix Normal file
View file

@ -0,0 +1,73 @@
{
flake.modules.nixos."hosts/nixberry" =
{ config, ... }:
{
sops.secrets = {
"samba/cholli" = {
sopsFile = ../../../secrets/secrets.yaml;
};
};
services = {
samba = {
enable = true;
openFirewall = true;
settings = {
global = {
"smb3 unix extensions" = "yes";
};
cholli = {
path = "/storage/cholli";
browsable = "yes";
writable = "yes";
"create mask" = "0664";
"directory mask" = "0775";
"force group" = "users";
};
kaman = {
path = "/storage/kaman";
browsable = "yes";
writable = "yes";
"create mask" = "0664";
"directory mask" = "0775";
"force group" = "users";
};
};
};
avahi.enable = true;
samba-wsdd = {
enable = true;
openFirewall = true;
};
};
# add user passwords
systemd.services.samba-smbd.postStart =
let
users = [
"cholli"
];
setupUser =
user:
let
passwordPath = config.sops.secrets."samba/${user}".path;
smbpasswd = "${config.services.samba.package}/bin/smbpasswd";
in
''
(echo $(< ${passwordPath});
echo $(< ${passwordPath})) | \
${smbpasswd} -s -a ${user}
'';
in
''
${builtins.concatStringsSep "\n" (map setupUser users)}
'';
};
}