-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add Avahi and Samba configurations for network services
Introduce Avahi and Samba configurations to enable network services and file sharing functionalities for the NAS system. Configure necessary settings for Avahi and Samba to facilitate network discovery and file sharing capabilities. Include specific configurations for services, firewall rules, and shared directories. Set up user and group permissions for NAS functionality. Install required packages for network management and monitoring.
- Loading branch information
Showing
3 changed files
with
171 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| { | ||
| config, | ||
| lib, | ||
| pkgs, | ||
| ... | ||
| }: { | ||
| services.avahi = { | ||
| enable = true; | ||
| nssmdns = true; | ||
| openFirewall = true; | ||
| publish = { | ||
| enable = true; | ||
| addresses = true; | ||
| domain = true; | ||
| hinfo = true; | ||
| userServices = true; | ||
| workstation = true; | ||
| }; | ||
| extraServiceFiles = { | ||
| smb = '' | ||
| <?xml version="1.0" standalone='no'?><!--*-nxml-*--> | ||
| <!DOCTYPE service-group SYSTEM "avahi-service.dtd"> | ||
| <service-group> | ||
| <name replace-wildcards="yes">%h</name> | ||
| <service> | ||
| <type>_smb._tcp</type> | ||
| <port>445</port> | ||
| </service> | ||
| </service-group> | ||
| ''; | ||
| }; | ||
| }; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,117 @@ | ||
| { | ||
| config, | ||
| lib, | ||
| pkgs, | ||
| ... | ||
| }: { | ||
| services.samba-wsdd.enable = true; | ||
| services.samba-wsdd.workgroup = "WORKGROUP"; | ||
| networking.firewall.allowedTCPPorts = [ | ||
| 5357 # wsdd | ||
| ]; | ||
| networking.firewall.allowedUDPPorts = [ | ||
| 3702 # wsdd | ||
| ]; | ||
| services.samba = { | ||
| enable = true; | ||
| securityType = "user"; | ||
| enableNmbd = true; # namespace and browsing suport | ||
| enableWinbindd = true; # integrations linux user auth | ||
| openFirewall = true; | ||
| extraConfig = '' | ||
| # server string = nas | ||
| # netbios name = nas | ||
| workgroup = WORKGROUP | ||
| browseable = yes | ||
| smb encrypt = auto | ||
| load printers = no | ||
| printcap name = /dev/null | ||
| guest account = nobody | ||
| map to guest = bad user | ||
| hosts allow = 10.0.7. 10.0.2. 10.2.0. 127.0.0.1 localhost | ||
| hosts deny = 0.0.0.0/0 | ||
| vfs objects = catia fruit streams_xattr | ||
| fruit:nfs_aces = no | ||
| fruit:zero_file_id = yes | ||
| fruit:metadata = stream | ||
| fruit:encoding = native | ||
| spotlight backend = tracker | ||
| fruit:model = MacPro7,1@ECOLOR=226,226,224 | ||
| fruit:wipe_intentionally_left_blank_rfork = yes | ||
| fruit:delete_empty_adfiles = yes | ||
| ''; | ||
|
|
||
| # Don't forget to run `smbpasswd -a <user>` to set the passwords (the user must already exit) | ||
| shares = { | ||
| timemachine = { | ||
| path = "/mnt/tank/backups/timemachine"; | ||
| browseable = "yes"; | ||
| # "valid users" = "root"; | ||
| public = "no"; | ||
| writeable = "yes"; | ||
| "force user" = "root"; | ||
| "force group" = "root"; | ||
| "fruit:aapl" = "yes"; | ||
| "fruit:time machine" = "yes"; | ||
| "vfs objects" = "catia fruit streams_xattr"; | ||
| }; | ||
| Tesla = { | ||
| path = "/mnt/tank/media/Videos/Tesla"; | ||
| browseable = "yes"; | ||
| "force user" = "nas"; | ||
| "force group" = "nas"; | ||
| "guest ok" = "no"; | ||
| public = "no"; | ||
| "read only" = "no"; | ||
| writeable = "yes"; | ||
| "create mask" = "0666"; | ||
| "directory mask" = "0777"; | ||
| "veto files" = "/._*/.DS_Store/"; | ||
| "delete veto files" = "yes"; | ||
| "spotlight" = "yes"; | ||
| }; | ||
| media = { | ||
| path = "/mnt/tank/media"; | ||
| browseable = "yes"; | ||
| "force user" = "nas"; | ||
| # "force group" = "nas"; | ||
| "guest ok" = "no"; | ||
| public = "no"; | ||
| "read only" = "no"; | ||
| writeable = "yes"; | ||
| "create mask" = "0666"; | ||
| "directory mask" = "0777"; | ||
| "veto files" = "/._*/.DS_Store/"; | ||
| "delete veto files" = "yes"; | ||
| "spotlight" = "yes"; | ||
| }; | ||
| Photographs = { | ||
| path = "/mnt/tank/media/Photographs"; | ||
| browseable = "yes"; | ||
| "force user" = "nas"; | ||
| "force group" = "nas"; | ||
| "guest ok" = "no"; | ||
| public = "no"; | ||
| "read only" = "no"; | ||
| writeable = "yes"; | ||
| "create mask" = "0666"; | ||
| "directory mask" = "0777"; | ||
| "veto files" = "/._*/.DS_Store/"; | ||
| "delete veto files" = "yes"; | ||
| "spotlight" = "yes"; | ||
| }; | ||
| backups = { | ||
| path = "/mnt/tank/backups"; | ||
| browseable = "yes"; | ||
| "force user" = "root"; | ||
| "force group" = "root"; | ||
| "guest ok" = "no"; | ||
| public = "no"; | ||
| "read only" = "no"; | ||
| writeable = "yes"; | ||
| "veto files" = "/._*/.DS_Store/"; | ||
| "delete veto files" = "yes"; | ||
| }; | ||
| }; | ||
| }; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters