{ config, lib, pkgs, ... }: { config = { services.samba = { enable = true; settings = { global = { security = "user"; "domain master" = true; workgroup = "WORKGROUP"; "load printers" = false; printing = "bsd"; "printcap name" = "/dev/null"; "disable spoolss" = true; "guest account" = "nobody"; "bind interfaces only" = true; interfaces = ["lo" "lan"]; "server signing" = "mandatory"; "server min protocol" = "SMB3"; "server smb encrypt" = "required"; }; homes = { comment = "Home directory for %S"; path = "/home/%S"; browseable = false; "valid users" = "%S"; "read only" = false; "create mask" = "0700"; "directory mask" = "0700"; "vfs objects" = "shadow_copy2"; "shadow:snapdir" = ".zfs/snapshot"; "shadow:snapdirseverywhere" = true; "shadow:sort" = "desc"; "shadow:format" = "%Y-%m-%dT%H:%M:%SZ"; }; eos = { comment = "Disk image of legacy eos"; browseable = true; "valid users" = "mherold"; writeable = "true"; path = "/srv/eos"; }; home-eostre = { comment = "Home directoriy for %u on PXE booted eostre"; path = "/srv/cifs/home-eostre/%u"; volume = "%u@eostre"; browseable = true; "read only" = false; "create mask" = "0700"; "directory mask" = "0700"; "vfs objects" = "shadow_copy2"; "shadow:snapdir" = ".zfs/snapshot"; "shadow:sort" = "desc"; "shadow:format" = "%Y-%m-%dT%H:%M:%SZ"; }; }; }; services.samba-wsdd = { enable = true; workgroup = "WORKGROUP"; interface = [ "lo" "lan" ]; }; boot.supportedFilesystems = [ "ntfs" ]; systemd.mounts = [ { where = "/srv/eos.lower"; what = "/dev/zvol/hdd-raid6/safe/home/mherold/eos/base"; type = "ntfs"; options = lib.concatStringsSep "," [ "ro" "uid=mherold" "gid=users" "fmask=0177" "dmask=0077" "nofail" ]; unitConfig.StopWhenUnneeded = true; } { where = "/srv/eos.upper"; what = "/dev/zvol/hdd-raid6/safe/home/mherold/eos/upper"; type = "ext4"; options = lib.concatStringsSep "," [ "nofail" ]; unitConfig.StopWhenUnneeded = true; } { bindsTo = [ "srv-eos.lower.mount" "srv-eos.upper.mount" ]; after = [ "srv-eos.lower.mount" "srv-eos.upper.mount" ]; where = "/srv/eos"; what = "overlay"; type = "overlay"; options = lib.concatStringsSep "," [ "lowerdir=/srv/eos.lower" "upperdir=/srv/eos.upper/upper" "workdir=/srv/eos.upper/work" ]; } ]; systemd.automounts = [ { wantedBy = [ "samba-smbd.service" ]; before = [ "samba-smbd.service" ]; where = "/srv/eos"; automountConfig.TimeoutIdleSec = "5m"; } ]; }; }