From 2bf237f1dae0cf0ce8d3f6ef9afb52f60f560fb4 Mon Sep 17 00:00:00 2001
From: GHOSCHT <31184695+GHOSCHT@users.noreply.github.com>
Date: Thu, 13 Jun 2024 23:29:40 +0200
Subject: [PATCH] Add initial native smb share

doesn't really work yet from windows side, but linux works
---
 hosts/franz/default.nix |  1 +
 hosts/franz/samba.nix   | 57 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)
 create mode 100644 hosts/franz/samba.nix

diff --git a/hosts/franz/default.nix b/hosts/franz/default.nix
index 8c7302e..c5601a7 100644
--- a/hosts/franz/default.nix
+++ b/hosts/franz/default.nix
@@ -26,6 +26,7 @@ in {
     ./restic.nix
     ./arion
     ./hydra.nix
+    ./samba.nix
   ];
 
   # Enable ZFS
diff --git a/hosts/franz/samba.nix b/hosts/franz/samba.nix
new file mode 100644
index 0000000..d0dfc17
--- /dev/null
+++ b/hosts/franz/samba.nix
@@ -0,0 +1,57 @@
+{
+  services.samba = {
+    enable = true;
+    securityType = "user";
+    openFirewall = true;
+    extraConfig = ''
+      workgroup = WORKGROUP
+      server string = franz
+      netbios name = franz
+      security = user
+      #use sendfile = yes
+      #max protocol = smb2
+      # note: localhost is the ipv6 localhost ::1
+      hosts allow = 192.168.178. 127.0.0.1 localhost
+      hosts deny = 0.0.0.0/0
+      guest account = nobody
+      map to guest = bad user
+
+      # debugging
+      # log file = /var/log/samba/log.%m
+      # max log size = 1000
+      # logging = file
+    '';
+
+    # Run sudo smbpasswd -a <username> to set the smb password for an EXISTING linux user
+    shares = {
+      software = {
+        path = "/storage/dataset/data/torrents/misc";
+        browseable = "yes";
+        "read only" = "yes";
+        "guest ok" = "no";
+        "create mask" = "0644";
+        "directory mask" = "0755";
+        "force user" = "ghoscht";
+        "force group" = "users";
+      };
+      max = {
+        path = "/storage/dataset/nas/max";
+        browseable = "yes";
+        "read only" = "no";
+        "guest ok" = "no";
+        "valid users" = "max";
+        "create mask" = "0644";
+        "directory mask" = "0755";
+        "force user" = "ghoscht";
+        "force group" = "users";
+      };
+    };
+  };
+
+  services.samba-wsdd = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  networking.firewall.allowPing = true;
+}