diff --git a/machines/galadriel/configuration.nix b/machines/galadriel/configuration.nix index 9381a91..b81d402 100644 --- a/machines/galadriel/configuration.nix +++ b/machines/galadriel/configuration.nix @@ -124,8 +124,8 @@ services.tailscale.enable = true; # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 80 8090 8096 443 433 6969 1194 ]; - networking.firewall.allowedUDPPorts = [ 22 80 8090 8096 443 433 6969 1194 ]; + networking.firewall.allowedTCPPorts = [ 22 80 8090 8096 443 433 6969 1194 445 139]; + networking.firewall.allowedUDPPorts = [ 22 80 8090 8096 443 433 6969 1194 137 138]; networking.firewall.enable = true; ##storage diff --git a/services/smb.nix b/services/smb.nix index 7ef20cf..6637ab8 100644 --- a/services/smb.nix +++ b/services/smb.nix @@ -3,6 +3,7 @@ services.samba = { + package = pkgs.samba4Full; enable = true; securityType = "user"; openFirewall = true; @@ -13,13 +14,13 @@ services.samba = { security = user #use sendfile = yes #max protocol = smb2 - min protocol = SMB2 + min protocol = SMB3_00 + server smb encrypt = required # note: localhost is the ipv6 localhost ::1 hosts allow = 192.168.1. 127.0.0.1 localhost 100. hosts deny = 0.0.0.0/0 - guest account = nobody + guest account = guest map to guest = bad user - smb encrypt = required ''; shares = { # public = { @@ -39,9 +40,9 @@ services.samba = { "force group" = "gunalx"; browseable = "yes"; "read only" = "no"; - "guest ok" = "no"; - "create mask" = "0644"; - "directory mask" = "0755"; + "guest ok" = "yes"; + "create mask" = "0777"; + "directory mask" = "0777"; }; }; }; @@ -55,4 +56,38 @@ services.samba-wsdd = { networking.firewall.allowPing = true; + + + +services.avahi.openfirewall = true; +services.avahi = { + enable = true; + nssmdns = true; + nssmdns4 = true; + publish = { + enable = true; + addresses = true; + domain = true; + hinfo = true; + userServices = true; + workstation = true; + }; + extraServiceFiles = { + smb = '' + + + + %h + + _smb._tcp + 445 + + + ''; + }; + }; + + + + }