patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

feat: smb works now

Browse source
This commit is contained in:
Patrick Großmann 2023-11-05 15:54:29 +01:00
parent 9850c8b757
commit 89d249b3b0
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
4 changed files with 9 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
modules/services/samba.nix
View file

@ -11,13 +11,14 @@
securityType = "user";
openFirewall = true;
extraConfig = ''
logging = systemd
log level = 1
hosts allow = 192.168.178. 127.0.0.1 10.0.0. localhost
logging = systemd
log level = 0 auth:2 passdb:2
hosts allow = 192.168.178. 127.0.0.1 10.0.0. localhost
hosts deny = 0.0.0.0/0
guest account = nobody
map to guest = bad user
passdb backend = tdbsam:/tmp/smbpasswd.tdb
passdb backend = tdbsam:${config.age.secrets.smbpassdb.path}
server role = standalone
'';
shares = {
ggr-data = {
@ -52,16 +53,14 @@
};
};
};
age.secrets.smbpasswd.rekeyFile = ../../secrets/smbpasswd.age;
system.activationScripts.importSMBPasswd = {
text = ''
${config.services.samba.package}/bin/pdbedit -i smbpasswd:${config.age.secrets.smbpasswd.path} -e tdbsam:/tmp/smbpasswd.tdb
'';
# to get this file start a smbd add users using 'smbpasswd -a <user>'
# then export the database using 'pdbedit -e tdbsam:<location>'
age.secrets.smbpassdb = {
rekeyFile = ../../secrets/smbpassdb.tdb.age;
};
users.users.smb = {
isSystemUser = true;
group = "smb";
hashedPassword = config.secrets.secrets.global.users.smb.passwordHash;
};
users.groups.smb = {};
environment.persistence."/panzer/persist".directories = [

BIN
secrets/smbpassdb.tdb.age Normal file
View file

Binary file not shown.

12
secrets/smbpasswd.age
View file

@ -1,12 +0,0 @@
age-encryption.org/v1
-> X25519 +UZl4Y69NOKiZi0MJJv2/3mGCgjZRXZdrEVfBRY2NF4
CthaYoLtCoMLHiyS8L19HC77uuCj6aS/98qEdscRJMI
-> piv-p256 XTQkUA A3Tarwc4HTchv1AfPFSA9b+k3ZsTG92/MHZfQ9SdMZ1G
U8fOA4rkZjBKDEvsrM+B4WuUMvglyL424kmOYsnKYDA
-> piv-p256 ZFgiIw Al8+gVzwlrMIreKKwaUN/nefUxXnBTwFbWK7bofuXeTN
dkQzqvyI6UgyQFCkEuNjaN/fNDt+h9WVhlZCfmZ9hgg
-> :>hC-grease
lzYcEp/H6m//Nh4i7BHCaIrledYuikG5NzA1VinqtyIgXFSVMNQzERL9cPz/XJu5
il4xJbAR01BSJIRvX//JMNJEC7U+hEAP
--- XU8Jypn1JQeq8Y8YpFAtQWhJQR8bhvUndsReymbdqSY
ÃâDùV!8:2?´£b<cGåb[ÍN )ø…ЬcÊs´ÉA¡™ë  åT9ª…#ÞГ¤2÷uâúT'ff5W¹ S,y§aQ`÷½ào·<6F>눷ÌBáhn¯'þ_ø¹ˆƒI”,vP=à]<>Øt]¾•U­ÌÏç

BIN
smbpasswd.tdb Normal file
View file

Binary file not shown.