smb more

2024-04-10 17:18:31 +02:00 · 2024-04-10 17:18:31 +02:00 · 7a08654e28
parent 5ef3c78d4b
commit 7a08654e28
2 changed files with 43 additions and 8 deletions
--- a/machines/galadriel/configuration.nix
+++ b/machines/galadriel/configuration.nix
@ -124,8 +124,8 @@
  services.tailscale.enable = true;

  # Open ports in the firewall.
-  networking.firewall.allowedTCPPorts = [ 22 80 8090 8096 443 433 6969 1194 ];
-  networking.firewall.allowedUDPPorts = [ 22 80 8090 8096 443 433 6969 1194 ];
+  networking.firewall.allowedTCPPorts = [ 22 80 8090 8096 443 433 6969 1194 445 139];
+  networking.firewall.allowedUDPPorts = [ 22 80 8090 8096 443 433 6969 1194 137 138];
  networking.firewall.enable = true;

 ##storage
--- a/services/smb.nix
+++ b/services/smb.nix
@ -3,6 +3,7 @@


 services.samba = {
+  package = pkgs.samba4Full;
  enable = true;
  securityType = "user";
  openFirewall = true;
@ -13,13 +14,13 @@ services.samba = {
    security = user 
    #use sendfile = yes
    #max protocol = smb2
-    min protocol = SMB2
+    min protocol = SMB3_00
+    server smb encrypt = required
    # note: localhost is the ipv6 localhost ::1
    hosts allow = 192.168.1. 127.0.0.1 localhost 100.
    hosts deny = 0.0.0.0/0
-    guest account = nobody
+    guest account = guest
    map to guest = bad user
-    smb encrypt = required
  '';
  shares = {
   # public = {
@ -39,9 +40,9 @@ services.samba = {
      "force group" = "gunalx";
      browseable = "yes";
      "read only" = "no";
-      "guest ok" = "no";
-      "create mask" = "0644";
-      "directory mask" = "0755";
+      "guest ok" = "yes";
+      "create mask" = "0777";
+      "directory mask" = "0777";
    };
  };
 };
@ -55,4 +56,38 @@ services.samba-wsdd = {
 networking.firewall.allowPing = true;


+
+
+
+services.avahi.openfirewall = true;
+services.avahi = {
+    enable = true;
+    nssmdns = true;
+    nssmdns4 = true;
+    publish = {
+      enable = true;
+      addresses = true;
+      domain = true;
+      hinfo = true;
+      userServices = true;
+      workstation = true;
+    };
+    extraServiceFiles = {
+      smb = ''
+        <?xml version="1.0" standalone='no'?><!--*-nxml-*-->
+        <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+        <service-group>
+          <name replace-wildcards="yes">%h</name>
+          <service>
+            <type>_smb._tcp</type>
+            <port>445</port>
+          </service>
+        </service-group>
+      '';
+    };
+  };
+
+
+
+
 }