nixfiles/hosts/koi/containers/sftpgo/samba.nix

{ abs, lib, config, pkgs, ... }@inputs:

let
  containers = import (abs "lib/containers.nix") inputs;
in
{
  imports = [
    (containers.mkNixosContainer {
      name = "puffer";
      ip = "10.42.0.5";
      private = false;

      config = { ... }: {
        users.users.smb-guest.isNormalUser = true;
        
        services.avahi = {
          enable = true;
          nssmdns4 = true;
          openFirewall = true;
          publish = {
            enable = true;
            userServices = true;
          };

          extraServiceFiles.puffer = ''
            <?xml version="1.0" standalone='no'?>
            <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
            <service-group>
              <name>puffer</name>
              <service>
                <port>445</port>
                <type>_smb._tcp</type>
              </service>
              <service>
                <port>9</port>
                <type>_adisk._tcp</type>
                <txt-record>sys=waMa=0,adVF=0x100</txt-record>
                <txt-record>dk0=adVN=Puffer TimeMachine,adVF=0x82</txt-record>
              </service>
              <service>
                <port>0</port>
                <type>_device-info._tcp</type>
                <txt-record>model=TimeCapsule8,119</txt-record>
              </service>
            </service-group>
          '';
        };

        services.samba = let 
          common = {
            browseable = "yes";
            "read only" = "yes";
            "guest ok" = "yes";
          };
        in {
          enable = true;
          openFirewall = true;

          settings = {
            global = {
              "workgroup" = "WORKGROUP";
              "server string" = "puffer";
              "netbios name" = "puffer";
              "security" = "user";
              "guest account" = "smb-guest";
              "map to guest" = "bad user";
              "hosts allow" = "10.0.0.0/8";
              "hosts deny" = "0.0.0.0/0";
              "inherit permissions" = "yes";

              # Performance
              "socket options" = "TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072";
              "read raw" = "yes";
              "write raw" = "yes";
              "server signing" = "no";
              "strict locking" = "no";
              "min receivefile size" = "16384";
              "use sendfile" = "Yes";
              "aio read size" = "16384";
              "aio write size" = "16384";

              # Fruit global config
              "fruit:aapl" = "yes";
              "fruit:nfs_aces" = "no";
              "fruit:copyfile" = "no";
              "fruit:model" = "MacSamba";
            };

            Downloads = common // {
              path = "/mnt/puffer/Downloads";
            };

            Public = common // {
              path = "/mnt/puffer/Public";
            };
          };
        };
      };

      mounts = {
        "/mnt/puffer/Downloads" = {
          hostPath = "/mnt/puffer/Downloads";
          isReadOnly = true;
        };
        "/mnt/puffer/Public" = {
          hostPath = "/mnt/puffer/Public";
          isReadOnly = true;
        };
      };
    })
  ];

}
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00			`{ abs, lib, config, pkgs, ... }@inputs:`

			`let`
			`containers = import (abs "lib/containers.nix") inputs;`
			`in`
			`{`
			`imports = [`
			`(containers.mkNixosContainer {`
			`name = "puffer";`
			`ip = "10.42.0.5";`
			`private = false;`

			`config = { ... }: {`
			`users.users.smb-guest.isNormalUser = true;`

			`services.avahi = {`
			`enable = true;`
			`nssmdns4 = true;`
			`openFirewall = true;`
			`publish = {`
			`enable = true;`
			`userServices = true;`
			`};`

			`extraServiceFiles.puffer = ''`
			`<?xml version="1.0" standalone='no'?>`
			`<!DOCTYPE service-group SYSTEM "avahi-service.dtd">`
			`<service-group>`
			`<name>puffer</name>`
			`<service>`
			`<port>445</port>`
			`<type>_smb._tcp</type>`
			`</service>`
			`<service>`
			`<port>9</port>`
			`<type>_adisk._tcp</type>`
			`<txt-record>sys=waMa=0,adVF=0x100</txt-record>`
			`<txt-record>dk0=adVN=Puffer TimeMachine,adVF=0x82</txt-record>`
			`</service>`
			`<service>`
			`<port>0</port>`
			`<type>_device-info._tcp</type>`
			`<txt-record>model=TimeCapsule8,119</txt-record>`
			`</service>`
			`</service-group>`
			`'';`
			`};`

chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`services.samba = let`
			`common = {`
			`browseable = "yes";`
			`"read only" = "yes";`
			`"guest ok" = "yes";`
			`};`
			`in {`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00			`enable = true;`
			`openFirewall = true;`

chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`settings = {`
			`global = {`
			`"workgroup" = "WORKGROUP";`
			`"server string" = "puffer";`
			`"netbios name" = "puffer";`
			`"security" = "user";`
			`"guest account" = "smb-guest";`
			`"map to guest" = "bad user";`
			`"hosts allow" = "10.0.0.0/8";`
			`"hosts deny" = "0.0.0.0/0";`
			`"inherit permissions" = "yes";`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00
chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`# Performance`
			`"socket options" = "TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072";`
			`"read raw" = "yes";`
			`"write raw" = "yes";`
			`"server signing" = "no";`
			`"strict locking" = "no";`
			`"min receivefile size" = "16384";`
			`"use sendfile" = "Yes";`
			`"aio read size" = "16384";`
			`"aio write size" = "16384";`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00
chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`# Fruit global config`
			`"fruit:aapl" = "yes";`
			`"fruit:nfs_aces" = "no";`
			`"fruit:copyfile" = "no";`
			`"fruit:model" = "MacSamba";`
			`};`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00
chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`Downloads = common // {`
			`path = "/mnt/puffer/Downloads";`
			`};`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00
chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`Public = common // {`
			`path = "/mnt/puffer/Public";`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00			`};`
chore(koi): bumped nixos and kernel 2024-11-14 22:07:56 +03:00			`};`
chore(koi): moved sftpgo to a docker container 2024-09-18 01:04:59 +03:00			`};`
			`};`

			`mounts = {`
			`"/mnt/puffer/Downloads" = {`
			`hostPath = "/mnt/puffer/Downloads";`
			`isReadOnly = true;`
			`};`
			`"/mnt/puffer/Public" = {`
			`hostPath = "/mnt/puffer/Public";`
			`isReadOnly = true;`
			`};`
			`};`
			`})`
			`];`

			`}`