samba some progress

2023-09-12 13:31:46 +03:00 · 2023-09-12 13:31:46 +03:00 · 2b5b9bc57f
commit 2b5b9bc57f
parent dea3eef575
5 changed files with 74 additions and 26 deletions
--- a/data.nix
+++ b/data.nix
@ -12,6 +12,8 @@ rec {
    node_exporter = 503;

    borgstor = 504;
+
+    jakstpub = 505;
  };

  ports = {
--- a/hosts/vno1-rp3b/configuration.nix
+++ b/hosts/vno1-rp3b/configuration.nix
@ -80,6 +80,13 @@
          publicKey = myData.hosts."vno1-oh2.servers.jakst".publicKey;
        };
      };
+
+      jakstpub = {
+        enable = true;
+        dataDir = "/data/shared";
+        requires = ["data-shared.mount"];
+        uidgid = myData.uidgid.jakstpub;
+      };
    };
  };

@ -87,25 +94,6 @@

  services.journald.extraConfig = "Storage=volatile";

-  #services.samba = {
-  #  enable = true;
-  #  securityType = "user";
-  #  enableNmbd = true;
-  #  enableWinbindd = false;
-  #  extraConfig = ''
-  #    map to guest = Bad User
-  #    guest account = jakstpub
-  #    passwd backend = tbdsam
-  #  '';
-  #  shares = {
-  #    public = {
-  #      path = "/data/shared";
-  #      writable = "yes";
-  #      printable = "no";
-  #    };
-  #  };
-  #};
-
  environment.etc = {
    "datapool-passphrase.txt".source = config.age.secrets.datapool-passphrase.path;
  };
--- a/modules/base/zfsborg/default.nix
+++ b/modules/base/zfsborg/default.nix
@ -92,11 +92,13 @@ in {
                    weekly = 4;
                    monthly = 3;
                  };
-                  environment = {
+                  environment =
+                    {
                      BORG_HOST_ID = let
                        h = config.networking;
                      in "${h.hostName}.${h.domain}@${h.hostId}";
-                  } // lib.optionalAttrs (sshKeyPath != null) {
+                    }
+                    // lib.optionalAttrs (sshKeyPath != null) {
                      BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"'';
                    };
                }
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@ -10,6 +10,7 @@
    ./friendlyport
    ./gitea
    ./headscale
+    ./jakstpub
    ./matrix-synapse
    ./node_exporter
    ./nsd-acme
--- a/modules/services/jakstpub/default.nix
+++ b/modules/services/jakstpub/default.nix
@ -0,0 +1,55 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  options.mj.services.jakstpub = with lib.types; {
+    enable = lib.mkEnableOption "Enable jakstpub";
+    dataDir = lib.mkOption {type = path;};
+    # RequiresMountsFor is used by upstream, hacking with the unit
+    requires = lib.mkOption {type = listOf str;};
+    uidgid = lib.mkOption {type = int;};
+  };
+
+  config = with config.mj.services.jakstpub;
+    lib.mkIf enable {
+      services.samba = {
+        enable = true;
+        securityType = "user";
+        enableNmbd = true;
+        enableWinbindd = false;
+        extraConfig = ''
+          map to guest = Bad User
+          guest account = jakstpub
+        '';
+        shares = {
+          public = {
+            path = dataDir;
+            writable = "yes";
+            printable = "no";
+            public = "yes";
+          };
+        };
+      };
+
+      users.users.jakstpub = {
+        description = "Jakstys Public";
+        home = dataDir;
+        useDefaultShell = true;
+        group = "jakstpub";
+        isSystemUser = true;
+        createHome = false;
+        uid = uidgid;
+      };
+
+      users.groups.jakstpub.gid = uidgid;
+
+      systemd.services.samba-smbd = {
+        unitConfig.Requires = requires;
+      };
+
+      # WIP ports
+      #friendlyport.vpn.ports = [ 13
+    };
+}