remove samba shares

2024-09-30 21:00:01 +08:00 · 2024-09-30 21:00:01 +08:00 · 0423359e16
parent a98bb5989d
commit 0423359e16
8 changed files with 0 additions and 122 deletions
--- a/nixos/common/users/sajenim/samba/default.nix
+++ b/nixos/common/users/sajenim/samba/default.nix
@ -1,25 +0,0 @@
 {
  pkgs,
  config,
  ...
 }: {
  age.secrets.smb-secrets = {
    rekeyFile = ./smb-secrets.age;
  };
  # For mount.cifs, required unless domain name resolution is not needed.
  environment.systemPackages = [pkgs.cifs-utils];
  fileSystems."/home/sajenim/.backup" = {
    device = "//192.168.50.227/sajenim";
    fsType = "cifs";
    options = let
      # this line prevents hanging on network split
      automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
    in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];
  };
  environment.etc = {
    "nixos/smb-secrets".source = config.age.secrets.smb-secrets.path;
  };
 }
--- a/nixos/common/users/sajenim/samba/smb-secrets.age
+++ b/nixos/common/users/sajenim/samba/smb-secrets.age
@ -1,7 +0,0 @@
 age-encryption.org/v1
 -> piv-p256 hdSnGw A6SOTJ6Ak8MPRXl4DdNVX/RGn4DztXFsvLRTEL5lzpta
 /hIBzwMLsahaAJMLMKt616Kj8xtNlH/CXc0O+Z++7fA
 -> #$R.$IT-grease 8.YJD9ko W_{@`a? b ]CR=z$I
 IZxSo1rx5e9HQFKq6fkswSjLkE2jpiCOVNAh9HqKa4WXc8GIgEOFAV8ULnIeP2I
 --- V8lROz32xt5D85UxUSkh3FMAm25cGIuA+Un0TTL6v90
 YÀ‰ Œ^”¶{¤tˆIÒvmq<6D>4¼ÏnÖ¢ÐÐt§9U`¯#·Æ§ˆ±wµ8Òd˜öîßð§€[ÐzÀ¾¸a2Ã9P5¤Ó¶`Ei”,5·ÃbÛPNÞ’ö“Ñ¡Y<C2A1>ÕÜ'¦<>÷
--- a/nixos/common/users/spectre/default.nix
+++ b/nixos/common/users/spectre/default.nix
@ -1,22 +0,0 @@
 {
  inputs,
  pkgs,
  ...
 }: {
  imports = [
    inputs.home-manager.nixosModules.home-manager
  ];
  users.users.spectre = {
    isNormalUser = true;
    shell = pkgs.zsh;
    hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/";
  };
  users.mutableUsers = false;
  fileSystems."/home/spectre" = {
    device = "/dev/disk/by-label/data";
    fsType = "btrfs";
    options = ["subvol=spectre" "compress=zstd"];
  };
 }
--- a/nixos/fuchsia/configuration.nix
+++ b/nixos/fuchsia/configuration.nix
@ -5,7 +5,6 @@
    # Our user configuration and optional user units
    ../common/users/sajenim
    ../common/users/sajenim/samba
    ../common/users/sajenim/steam
    # Optional components
--- a/nixos/viridian/configuration.nix
+++ b/nixos/viridian/configuration.nix
@ -5,7 +5,6 @@
    # Our user configuration and optional user units
    ../common/users/sajenim
    ../common/users/spectre
    # Containers
    ./containers/jellyfin
@ -31,7 +30,6 @@
    ./services/mysql
    ./services/paperless-ngx
    ./services/prometheus
    ./services/samba
    ./services/traefik
    # Setup our hardware
--- a/nixos/viridian/hardware-configuration.nix
+++ b/nixos/viridian/hardware-configuration.nix
@ -71,12 +71,6 @@ in {
    options = ["subvol=services" "compress=zstd"];
  };
  fileSystems."/srv/shares" = {
    device = "/dev/disk/by-label/data";
    fsType = "btrfs";
    options = ["subvol=shares" "compress=zstd"];
  };
  fileSystems."/srv/backup" = {
    device = "/dev/disk/by-label/data";
    fsType = "btrfs";
--- a/nixos/viridian/services/borgbackup/default.nix
+++ b/nixos/viridian/services/borgbackup/default.nix
@ -19,15 +19,5 @@
      compression = "auto,zstd";
      startAt = "daily";
    };
    shares = {
      paths = [
        "/srv/shares"
      ];
      encryption.mode = "none";
      repo = "/srv/backup/shares";
      compression = "auto,zstd";
      startAt = "daily";
    };
  };
 }
--- a/nixos/viridian/services/samba/default.nix
+++ b/nixos/viridian/services/samba/default.nix
@ -1,49 +0,0 @@
 {...}: {
  services.samba = {
    enable = true;
    securityType = "user";
    openFirewall = true;
    extraConfig = ''
      workgroup = WORKGROUP
      server string = smbnix
      netbios name = smbnix
      security = user
      #use sendfile = yes
      #max protocol = smb2
      # note: localhost is the ipv6 localhost ::1
      hosts allow = 192.168.50.237 192.168.50.12 127.0.0.1 localhost
      hosts deny = 0.0.0.0/0
      guest account = nobody
      map to guest = bad user
    '';
    shares = {
      spectre = {
        path = "/srv/shares/spectre";
        browseable = "yes";
        "read only" = "no";
        "guest ok" = "no";
        "create mask" = "0644";
        "directory mask" = "0755";
        "force user" = "spectre";
        "force group" = "users";
      };
      sajenim = {
        path = "/srv/shares/sajenim";
        browseable = "yes";
        "read only" = "no";
        "guest ok" = "no";
        "create mask" = "0644";
        "directory mask" = "0755";
        "force user" = "sajenim";
        "force group" = "users";
      };
    };
  };
  services.samba-wsdd = {
    enable = true;
    openFirewall = true;
  };
  environment.persistence."/persist".directories = ["/var/lib/samba"];
 }