diff options
author | tv <tv@krebsco.de> | 2017-06-04 06:20:54 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-06-04 06:20:54 +0200 |
commit | 811ceaa243bf5241ca1189871c4426240962f04d (patch) | |
tree | f46006567b5f9279ebd9cb23de3eadb508f83c54 /makefu/2configs/share | |
parent | 4f58b884dda57db8106768a22a206d6605d6e3e5 (diff) | |
parent | e50bc4f3eb3dac13bba4ae6158e839a52455c3c3 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs/share')
-rw-r--r-- | makefu/2configs/share/gum.nix | 39 | ||||
-rw-r--r-- | makefu/2configs/share/omo.nix | 69 | ||||
-rw-r--r-- | makefu/2configs/share/temp-share-samba.nix | 31 |
3 files changed, 139 insertions, 0 deletions
diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix new file mode 100644 index 000000000..e578f43d3 --- /dev/null +++ b/makefu/2configs/share/gum.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +let + hostname = config.krebs.build.host.name; +in { + # users.users.smbguest = { + # name = "smbguest"; + # uid = config.ids.uids.smbguest; + # description = "smb guest user"; + # home = "/var/empty"; + # }; + + users.users.download = { }; + services.samba = { + enable = true; + shares = { + download = { + path = "/var/download"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "no"; + "valid users" = "download"; + }; + }; + extraConfig = '' + # guest account = smbguest + # map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport 445 -j ACCEPT + ''; +} diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix new file mode 100644 index 000000000..7d7a4ec57 --- /dev/null +++ b/makefu/2configs/share/omo.nix @@ -0,0 +1,69 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + hostname = config.krebs.build.host.name; + # TODO local-ip from the nets config + local-ip = "192.168.1.11"; + # local-ip = config.krebs.build.host.nets.retiolum.ip4.addr; +in { + + # samba share /media/crypt1/share + users.users.smbguest = { + name = "smbguest"; + uid = config.ids.uids.smbguest; + description = "smb guest user"; + home = "/var/empty"; + }; + services.samba = { + enable = true; + shares = { + winshare = { + path = "/media/crypt1/share"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + emu = { + path = "/media/crypt1/emu"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + usenet = { + path = "/media/crypt0/usenet/dst"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + pyload = { + path = "/media/crypt0/pyload"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + crypt0 = { + path = "/media/crypt0"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + media-rw = { + path = "/media/"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "no"; + "valid users" = "makefu"; + }; + }; + extraConfig = '' + guest account = smbguest + map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; +} diff --git a/makefu/2configs/share/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix new file mode 100644 index 000000000..0907c2dbf --- /dev/null +++ b/makefu/2configs/share/temp-share-samba.nix @@ -0,0 +1,31 @@ +{config, ... }:{ + networking.firewall.allowedUDPPorts = [ 137 138 ]; + networking.firewall.allowedTCPPorts = [ 139 445 ]; + users.users.smbguest = { + name = "smbguest"; + uid = config.ids.uids.smbguest; + description = "smb guest user"; + home = "/home/share"; + createHome = true; + }; + services.samba = { + enable = true; + shares = { + share-home = { + path = "/home/share/"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + }; + extraConfig = '' + guest account = smbguest + map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; +} |