2024-01-23 05:29:17 +01:00
|
|
|
{ config, lib, ... }:
|
|
|
|
{
|
|
|
|
# 100.120.148.116
|
|
|
|
services.samba = {
|
|
|
|
enable = true;
|
|
|
|
# openFirewall = true;
|
|
|
|
|
2024-11-18 15:18:52 +01:00
|
|
|
settings = {
|
|
|
|
global = {
|
|
|
|
"workgroup" = "TSUKI";
|
|
|
|
"server string" = "smbnix";
|
|
|
|
"netbios name" = "smbnix";
|
2024-01-23 05:29:17 +01:00
|
|
|
|
2024-11-18 15:18:52 +01:00
|
|
|
"security" = "user";
|
2024-01-23 05:29:17 +01:00
|
|
|
|
2024-11-18 15:18:52 +01:00
|
|
|
"use sendfile" = "yes";
|
|
|
|
"min protocol" = "SMB2";
|
|
|
|
"smb encrypt" = "desired";
|
2024-01-23 05:29:17 +01:00
|
|
|
|
2024-11-18 15:18:52 +01:00
|
|
|
# note: localhost is the ipv6 localhost ::1
|
|
|
|
"hosts allow" = "100.107.69.8 100.100.65.88";
|
|
|
|
"hosts deny" = "0.0.0.0/0";
|
2024-01-23 05:29:17 +01:00
|
|
|
|
2024-11-18 15:18:52 +01:00
|
|
|
"guest ok" = "no";
|
|
|
|
"map to guest" = "never";
|
|
|
|
};
|
2024-01-23 05:29:17 +01:00
|
|
|
cirno = {
|
|
|
|
path = "/data/cirno";
|
|
|
|
browseable = "yes";
|
|
|
|
"valid users" = "h7x4";
|
|
|
|
"read only" = "no";
|
|
|
|
"guest ok" = "no";
|
|
|
|
"create mask" = "0600";
|
|
|
|
"directory mask" = "0700";
|
|
|
|
"force user" = "h7x4";
|
|
|
|
"force group" = "users";
|
|
|
|
"comment" = "cirno data drive";
|
|
|
|
};
|
|
|
|
backup-import = {
|
|
|
|
path = "/data/backup/import";
|
|
|
|
browseable = "yes";
|
|
|
|
"valid users" = "h7x4";
|
|
|
|
"read only" = "no";
|
|
|
|
"guest ok" = "no";
|
|
|
|
"create mask" = "0600";
|
|
|
|
"directory mask" = "0700";
|
|
|
|
"force user" = "h7x4";
|
|
|
|
"force group" = "users";
|
|
|
|
"comment" = "backup import drive";
|
|
|
|
};
|
|
|
|
media = {
|
|
|
|
path = "/data/media";
|
|
|
|
browseable = "yes";
|
|
|
|
"valid users" = "h7x4";
|
|
|
|
"read only" = "no";
|
|
|
|
"guest ok" = "no";
|
|
|
|
"create mask" = "0644";
|
|
|
|
"directory mask" = "0755";
|
|
|
|
"force user" = "media";
|
|
|
|
"force group" = "media";
|
|
|
|
"comment" = "media drive";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 139 445 ];
|
|
|
|
networking.firewall.interfaces."tailscale0".allowedUDPPorts = [ 137 138 ];
|
|
|
|
}
|