From 9f3f14e159b59f8ef935910d61d4ad43ff7b644a Mon Sep 17 00:00:00 2001 From: Swarsel Date: Mon, 23 Sep 2024 23:39:57 +0200 Subject: [PATCH] feat: init nfs config on winters --- SwarselSystems.org | 54 ++++++++++++++++++++++++++++-- profiles/server/common/default.nix | 1 + profiles/server/common/nfs.nix | 53 +++++++++++++++++++++++++++++ profiles/server/common/sfs.nix | 53 +++++++++++++++++++++++++++++ 4 files changed, 159 insertions(+), 2 deletions(-) create mode 100644 profiles/server/common/nfs.nix create mode 100644 profiles/server/common/sfs.nix diff --git a/SwarselSystems.org b/SwarselSystems.org index 7b63d0c..58f79db 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -6507,6 +6507,7 @@ Also, the system state version is set here. No need to touch it. ./packages.nix ./sops.nix ./ssh.nix + ./nfs.nix ./nginx.nix ./kavita.nix ./jellyfin.nix @@ -6580,12 +6581,61 @@ Also, the system state version is set here. No need to touch it. } #+end_src -**** zfs +**** nfs/samba (smb) -#+begin_src nix :tangle profiles/server/common/zfs.nix +#+begin_src nix :tangle profiles/server/common/nfs.nix { pkgs, lib, config, ... }: { + # Network shares + # add a user with sudo smbpasswd -a + samba = { + package = pkgs.samba4Full; + extraConfig = '' + workgroup = WORKGROUP + server role = standalone server + dns proxy = no + + pam password change = yes + map to guest = bad user + create mask = 0664 + force create mode = 0664 + directory mask = 0775 + force directory mode = 0775 + follow symlinks = yes + ''; + + # ^^ `samba4Full` is compiled with avahi, ldap, AD etc support compared to the default package, `samba` + # Required for samba to register mDNS records for auto discovery + # See https://github.com/NixOS/nixpkgs/blob/592047fc9e4f7b74a4dc85d1b9f5243dfe4899e3/pkgs/top-level/all-packages.nix#L27268 + enable = true; + # openFirewall = true; + shares.Eternor = { + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + path = "/Vault/Eternor"; + writable = "true"; + comment = "Eternor"; + "valid users" = "@Swarsel"; + }; + }; + + + avahi = { + publish.enable = true; + publish.userServices = true; + # ^^ Needed to allow samba to automatically register mDNS records without the need for an `extraServiceFile` + nssmdns4 = true; + # ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it + enable = true; + }; + + samba-wsdd = { + # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued + enable = true; + }; + }; } #+end_src diff --git a/profiles/server/common/default.nix b/profiles/server/common/default.nix index dac011a..2c216f7 100644 --- a/profiles/server/common/default.nix +++ b/profiles/server/common/default.nix @@ -10,6 +10,7 @@ ./packages.nix ./sops.nix ./ssh.nix + ./nfs.nix ./nginx.nix ./kavita.nix ./jellyfin.nix diff --git a/profiles/server/common/nfs.nix b/profiles/server/common/nfs.nix new file mode 100644 index 0000000..653aeb2 --- /dev/null +++ b/profiles/server/common/nfs.nix @@ -0,0 +1,53 @@ +{ pkgs, lib, config, ... }: +{ + + # Network shares + # add a user with sudo smbpasswd -a + samba = { + package = pkgs.samba4Full; + extraConfig = '' + workgroup = WORKGROUP + server role = standalone server + dns proxy = no + + pam password change = yes + map to guest = bad user + create mask = 0664 + force create mode = 0664 + directory mask = 0775 + force directory mode = 0775 + follow symlinks = yes + ''; + + # ^^ `samba4Full` is compiled with avahi, ldap, AD etc support compared to the default package, `samba` + # Required for samba to register mDNS records for auto discovery + # See https://github.com/NixOS/nixpkgs/blob/592047fc9e4f7b74a4dc85d1b9f5243dfe4899e3/pkgs/top-level/all-packages.nix#L27268 + enable = true; + # openFirewall = true; + shares.Eternor = { + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + path = "/Vault/Eternor"; + writable = "true"; + comment = "Eternor"; + "valid users" = "@Swarsel"; + }; + }; + + + avahi = { + publish.enable = true; + publish.userServices = true; + # ^^ Needed to allow samba to automatically register mDNS records without the need for an `extraServiceFile` + nssmdns4 = true; + # ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it + enable = true; + }; + + samba-wsdd = { + # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued + enable = true; + }; +}; +} diff --git a/profiles/server/common/sfs.nix b/profiles/server/common/sfs.nix new file mode 100644 index 0000000..653aeb2 --- /dev/null +++ b/profiles/server/common/sfs.nix @@ -0,0 +1,53 @@ +{ pkgs, lib, config, ... }: +{ + + # Network shares + # add a user with sudo smbpasswd -a + samba = { + package = pkgs.samba4Full; + extraConfig = '' + workgroup = WORKGROUP + server role = standalone server + dns proxy = no + + pam password change = yes + map to guest = bad user + create mask = 0664 + force create mode = 0664 + directory mask = 0775 + force directory mode = 0775 + follow symlinks = yes + ''; + + # ^^ `samba4Full` is compiled with avahi, ldap, AD etc support compared to the default package, `samba` + # Required for samba to register mDNS records for auto discovery + # See https://github.com/NixOS/nixpkgs/blob/592047fc9e4f7b74a4dc85d1b9f5243dfe4899e3/pkgs/top-level/all-packages.nix#L27268 + enable = true; + # openFirewall = true; + shares.Eternor = { + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + path = "/Vault/Eternor"; + writable = "true"; + comment = "Eternor"; + "valid users" = "@Swarsel"; + }; + }; + + + avahi = { + publish.enable = true; + publish.userServices = true; + # ^^ Needed to allow samba to automatically register mDNS records without the need for an `extraServiceFile` + nssmdns4 = true; + # ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it + enable = true; + }; + + samba-wsdd = { + # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued + enable = true; + }; +}; +}