{ abs, lib, config, pkgs, ... }@inputs: let containers = import (abs "lib/containers.nix") inputs; in { imports = [ (containers.mkNixosContainer { name = "puffer"; ip = "10.42.0.5"; private = false; config = { ... }: { users.users.smb-guest.isNormalUser = true; services.avahi = { enable = true; nssmdns4 = true; openFirewall = true; publish = { enable = true; userServices = true; }; extraServiceFiles.puffer = '' puffer 445 _smb._tcp 9 _adisk._tcp

sys=waMa=0,adVF=0x100

dk0=adVN=Puffer TimeMachine,adVF=0x82

0 _device-info._tcp

model=TimeCapsule8,119

''; }; services.samba = let common = { browseable = "yes"; "read only" = "yes"; "guest ok" = "yes"; }; in { enable = true; openFirewall = true; settings = { global = { "workgroup" = "WORKGROUP"; "server string" = "puffer"; "netbios name" = "puffer"; "security" = "user"; "guest account" = "smb-guest"; "map to guest" = "bad user"; "hosts allow" = "10.0.0.0/8"; "hosts deny" = "0.0.0.0/0"; "inherit permissions" = "yes"; # Performance "socket options" = "TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072"; "read raw" = "yes"; "write raw" = "yes"; "server signing" = "no"; "strict locking" = "no"; "min receivefile size" = "16384"; "use sendfile" = "Yes"; "aio read size" = "16384"; "aio write size" = "16384"; # Fruit global config "fruit:aapl" = "yes"; "fruit:nfs_aces" = "no"; "fruit:copyfile" = "no"; "fruit:model" = "MacSamba"; }; Downloads = common // { path = "/mnt/puffer/Downloads"; }; Public = common // { path = "/mnt/puffer/Public"; }; }; }; }; mounts = { "/mnt/puffer/Downloads" = { hostPath = "/mnt/puffer/Downloads"; isReadOnly = true; }; "/mnt/puffer/Public" = { hostPath = "/mnt/puffer/Public"; isReadOnly = true; }; }; }) ]; }