117 lines
3.0 KiB
Nix
117 lines
3.0 KiB
Nix
|
{ config, pkgs, ... }:
|
||
|
|
|
||
|
|
|
||
|
|
{
|
||
|
|
services.samba = {
|
||
|
|
enable = true;
|
||
|
|
# securityType = "user";
|
||
|
|
openFirewall = true;
|
||
|
|
settings = {
|
||
|
|
global = {
|
||
|
|
"workgroup" = "WORKGROUP";
|
||
|
|
"server role" = "standalone server";
|
||
|
|
"server string" = "wlin003";
|
||
|
|
"netbios name" = "wlin003";
|
||
|
|
"global.security" = "user";
|
||
|
|
"min protocol" = "smb3_11";
|
||
|
|
"max protocol" = "smb3_11";
|
||
|
|
"wide links" = "no";
|
||
|
|
"follow symlinks" = "no";
|
||
|
|
|
||
|
|
#### Networking ####
|
||
|
|
"bind interfaces only" = "yes";
|
||
|
|
"interfaces" = "lo eth0";
|
||
|
|
# note: localhost is the ipv6 localhost ::1
|
||
|
|
"hosts allow" = "192.168.10.0/24 127.0.0.1 localhost";
|
||
|
|
"hosts deny" = "0.0.0.0/0";
|
||
|
|
|
||
|
|
### Browsing election options ###
|
||
|
|
"wins support" = "no";
|
||
|
|
"name resolve order" = "host bcast lmhosts";
|
||
|
|
"multicast dns register" = "yes";
|
||
|
|
"dns proxy" = "yes";
|
||
|
|
|
||
|
|
####### Authentication #######
|
||
|
|
"guest account" = "zulumann";
|
||
|
|
"map to guest" = "bad user";
|
||
|
|
|
||
|
|
### Tuning ###
|
||
|
|
"socket options" = "TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_RCVBUF=131072 SO_SNDBUF=131072";
|
||
|
|
"use sendfile" = "yes";
|
||
|
|
"getwd cache" = "yes";
|
||
|
|
"stat cache" = "yes";
|
||
|
|
"min receivefile size" = "16384";
|
||
|
|
"write raw" = "yes";
|
||
|
|
"read raw" = "yes";
|
||
|
|
"max xmit" = "32768";
|
||
|
|
"deadtime" = "15";
|
||
|
|
"keepalive" = "150";
|
||
|
|
"sync always" = "no";
|
||
|
|
"large readwrite" = "yes";
|
||
|
|
"strict sync" = "no";
|
||
|
|
"strict allocate" = "yes";
|
||
|
|
"strict locking" = "auto";
|
||
|
|
"server multi channel support" = "yes";
|
||
|
|
"aio write size" = "1";
|
||
|
|
"aio read size" = "1";
|
||
|
|
"idmap cache time" = "604";
|
||
|
|
|
||
|
|
#### Debugging ####
|
||
|
|
"log level" = "1";
|
||
|
|
"log file" = "/var/log/samba/log.%m";
|
||
|
|
"max log size" = "1000";
|
||
|
|
"logging" = "file";
|
||
|
|
"panic action" = "/usr/share/samba/panic-action %d";
|
||
|
|
};
|
||
|
|
|
||
|
|
|
||
|
|
"Share" = {
|
||
|
|
"path" = "/home/zulumann/Share-SMB";
|
||
|
|
"browseable" = "yes";
|
||
|
|
"read only" = "no";
|
||
|
|
"guest ok" = "yes";
|
||
|
|
"public" = "yes";
|
||
|
|
"writable" = "yes";
|
||
|
|
"create mask" = "0644";
|
||
|
|
"directory mask" = "0755";
|
||
|
|
};
|
||
|
|
|
||
|
|
"Private" = {
|
||
|
|
"path" = "/home/zulumann/Share-Priv";
|
||
|
|
"browseable" = "yes";
|
||
|
|
"read only" = "no";
|
||
|
|
"guest ok" = "no";
|
||
|
|
"create mask" = "0644";
|
||
|
|
"directory mask" = "0755";
|
||
|
|
#"force user" = "zulumann";
|
||
|
|
#"force group" = "zulumann";
|
||
|
|
};
|
||
|
|
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
services.samba-wsdd = {
|
||
|
|
enable = true;
|
||
|
|
openFirewall = true;
|
||
|
|
};
|
||
|
|
|
||
|
|
services.avahi.extraServiceFiles = {
|
||
|
|
smb = ''
|
||
|
|
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
|
||
|
|
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
|
||
|
|
<service-group>
|
||
|
|
<name replace-wildcards="yes">%h - SMB/CIFS</name>
|
||
|
|
<service>
|
||
|
|
<type>_smb._tcp</type>
|
||
|
|
<port>445</port>
|
||
|
|
</service>
|
||
|
|
</service-group>
|
||
|
|
'';
|
||
|
|
};
|
||
|
|
|
||
|
|
}
|
||
|
|
|
||
|
|
# User Authentication
|
||
|
|
# For a user called my_userto be authenticated on the samba server, you must add their password using
|
||
|
|
# sudo smbpasswd -a my_user
|