{ config, lib, pkgs, ... }: { config = { services.samba = { enable = true; securityType = "user"; extraConfig = '' domain master = yes workgroup = WORKGROUP load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes guest account = nobody bind interfaces only = yes interfaces = lo lan server signing = mandatory server min protocol = SMB3 server smb encrypt = required ''; shares = { homes = { comment = "Home directory for %S"; path = "/home/%S"; browseable = false; "valid users" = "%S"; "read only" = false; "create mask" = "0700"; "directory mask" = "0700"; "vfs objects" = "shadow_copy2"; "shadow:snapdir" = ".zfs/snapshot"; "shadow:snapdirseverywhere" = true; "shadow:sort" = "desc"; "shadow:format" = "%Y-%m-%dT%H:%M:%SZ"; }; eos = { comment = "Disk image of legacy eos"; browseable = true; "valid users" = "mherold"; writeable = "true"; path = "/srv/eos"; }; home-eos = { comment = "Home directoriy for %u on PXE booted EOS"; path = "/srv/cifs/home-eos/%u"; volume = "%u@eos"; browseable = true; "read only" = false; "create mask" = "0700"; "directory mask" = "0700"; "vfs objects" = "shadow_copy2"; "shadow:snapdir" = ".zfs/snapshot"; "shadow:sort" = "desc"; "shadow:format" = "%Y-%m-%dT%H:%M:%SZ"; }; }; }; services.samba-wsdd = { enable = true; workgroup = "WORKGROUP"; interface = [ "lo" "lan" ]; }; fileSystems."/srv/eos.lower" = { device = "/dev/zvol/hdd-raid6/safe/home/mherold/eos/base"; fsType = "ntfs"; options = [ "ro" "uid=mherold" "gid=users" "fmask=0177" "dmask=0077" "nofail" "noauto" ]; }; fileSystems."/srv/eos.upper" = { device = "/dev/zvol/hdd-raid6/safe/home/mherold/eos/upper"; fsType = "ext4"; options = [ "nofail" "noauto" ]; }; systemd.mounts = [ { wantedBy = [ "samba-smbd.service" ]; before = [ "samba-smbd.service" ]; where = "/srv/eos"; what = "overlay"; type = "overlay"; options = lib.concatStringsSep "," [ "lowerdir=/srv/eos.lower" "upperdir=/srv/eos.upper/upper" "workdir=/srv/eos.upper/work" ]; unitConfig = { RequiresMountsFor = [ "/srv/eos.lower" "/srv/eos.upper" ]; }; } ]; }; }