blob: ffca9c6daeb571bfe5d91358b969f25afed7a727 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
{ config, lib, pkgs, ... }:
{
config = {
services.samba = {
enable = true;
securityType = "user";
extraConfig = ''
domain master = yes
workgroup = WORKGROUP
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
guest account = nobody
bind interfaces only = yes
interfaces = lo lan
server signing = mandatory
server min protocol = SMB3
server smb encrypt = required
'';
shares = {
homes = {
comment = "Home directory for %S";
path = "/home/%S";
browseable = false;
"valid users" = "%S";
"read only" = false;
"create mask" = "0700";
"directory mask" = "0700";
"vfs objects" = "shadow_copy2";
"shadow:snapdir" = ".zfs/snapshot";
"shadow:snapdirseverywhere" = true;
"shadow:sort" = "desc";
"shadow:format" = "%Y-%m-%dT%H:%M:%SZ";
};
eos = {
comment = "Disk image of legacy eos";
browseable = true;
"valid users" = "mherold";
writeable = "true";
path = "/srv/eos";
};
home-eos = {
comment = "Home directoriy for %u on PXE booted EOS";
path = "/srv/cifs/home-eos/%u";
volume = "%u@eos";
browseable = true;
"read only" = false;
"create mask" = "0700";
"directory mask" = "0700";
"vfs objects" = "shadow_copy2";
"shadow:snapdir" = ".zfs/snapshot";
"shadow:sort" = "desc";
"shadow:format" = "%Y-%m-%dT%H:%M:%SZ";
};
};
};
services.samba-wsdd = {
enable = true;
workgroup = "WORKGROUP";
interface = [ "lo" "lan" ];
};
fileSystems."/srv/eos.lower" = {
device = "/dev/zvol/hdd-raid6/safe/home/mherold/eos/base";
fsType = "ntfs";
options = [ "ro" "uid=mherold" "gid=users" "fmask=0177" "dmask=0077" "nofail" "noauto" ];
};
fileSystems."/srv/eos.upper" = {
device = "/dev/zvol/hdd-raid6/safe/home/mherold/eos/upper";
fsType = "ext4";
options = [ "nofail" "noauto" ];
};
systemd.mounts = [
{
wantedBy = [ "samba-smbd.service" ];
before = [ "samba-smbd.service" ];
where = "/srv/eos";
what = "overlay";
type = "overlay";
options = lib.concatStringsSep ","
[ "lowerdir=/srv/eos.lower"
"upperdir=/srv/eos.upper/upper"
"workdir=/srv/eos.upper/work"
];
unitConfig = {
RequiresMountsFor = [ "/srv/eos.lower" "/srv/eos.upper" ];
};
}
];
};
}
|