jasmine/dotfiles.nix
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Fix SMB service

Browse source
This commit is contained in:
♥ Minnie ♥ 2024-07-16 21:27:20 +08:00
parent 98891a9b15
commit 1fa3e16a8c
Signed by: jasmine
GPG key ID: 8563E358D4E8040E
4 changed files with 15 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
nixos/common/users/sajenim/samba/default.nix
View file

@ -1,14 +1,18 @@
{ config, ... }: { pkgs, config, ... }:
{ {
age.secrets.smb-secrets = { age.secrets.smb-secrets = {
rekeyFile = ./smb-secrets.age; rekeyFile = ./smb-secrets.age;
}; };
# For mount.cifs, required unless domain name resolution is not needed.
environment.systemPackages = [ pkgs.cifs-utils ];
fileSystems."/home/sajenim/.backup" = { fileSystems."/home/sajenim/.backup" = {
device = "//192.168.1.102/sajenim"; device = "//192.168.20.4/sajenim";
fsType = "cifs"; fsType = "cifs";
options = let options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users"; automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"]; in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];

12
nixos/common/users/sajenim/samba/smb-secrets.age
View file

@ -1,7 +1,7 @@
age-encryption.org/v1 age-encryption.org/v1
-> piv-p256 hdSnGw AuXEhgAyxDSAP0HbRE1g0HOaEp9x76AD+681RMOReayb -> piv-p256 hdSnGw A6SOTJ6Ak8MPRXl4DdNVX/RGn4DztXFsvLRTEL5lzpta
0fpWaqClsG3wrak0hnU+nB6Dpmdv11CgCl81P5CuwcQ /hIBzwMLsahaAJMLMKt616Kj8xtNlH/CXc0O+Z++7fA
-> q]sfNw0}-grease {sq -> #$R.$IT-grease 8.YJD9ko W_{@`a? b ]CR=z$I
V6m76C8Jvng8SPHoPvyocYo IZxSo1rx5e9HQFKq6fkswSjLkE2jpiCOVNAh9HqKa4WXc8GIgEOFAV8ULnIeP2I
--- SaJq9U29eLJm6aM9OfiMlINa9rhZ1wy0ZtYU/U1D6BM --- V8lROz32xt5D85UxUSkh3FMAm25cGIuA+Un0TTL6v90
y Yºœ_;2&C5> ëjFÄjl^iàè¶pâ=Âh @(.<2E>0¼A†]®Zd¸,ë!Im¯6âå™à“˾=ãÈa f YŔ‰ Ś^”¶{¤t<C2A4>IŇvmqŤ4ĽĎnÖ˘ĐĐt§9U`Ż#·Ć§<C486>±wµ8Ňd<C587>öîßđ§€[ĐzŔľ¸a2Ă9P5¤Ó¶`Ei”,5·ĂbŰPNŢö“ѡY<CB87>ŐÜ'¦<>÷

1
nixos/viridian/configuration.nix
View file

@ -31,6 +31,7 @@
networkmanager.enable = true; networkmanager.enable = true;
firewall = { firewall = {
enable = true; enable = true;
allowPing = true;
allowedTCPPorts = [ allowedTCPPorts = [
53 # adguardhome (DNS) 53 # adguardhome (DNS)
80 # traefik (HTTP) 80 # traefik (HTTP)

5
nixos/viridian/services/samba.nix
View file

@ -13,7 +13,7 @@
#use sendfile = yes #use sendfile = yes
#max protocol = smb2 #max protocol = smb2
# note: localhost is the ipv6 localhost ::1 # note: localhost is the ipv6 localhost ::1
hosts allow = 192.168.1.101 192.168.1.108 127.0.0.1 localhost hosts allow = 192.168.20.5 127.0.0.1 localhost
hosts deny = 0.0.0.0/0 hosts deny = 0.0.0.0/0
guest account = nobody guest account = nobody
map to guest = bad user map to guest = bad user
@ -47,6 +47,5 @@
openFirewall = true; openFirewall = true;
}; };
networking.firewall.enable = true; environment.persistence."/persist".directories = [ "/var/lib/samba" ];
networking.firewall.allowPing = true;
} }