gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(samba): kyuuto opl

Browse source
This commit is contained in:
arcnmx 2024-02-19 13:23:37 -08:00
parent cc990d1d9a
commit 5d48940824
6 changed files with 111 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

3
docs/index.adoc
View file

@ -15,6 +15,9 @@ Links::
https://gensokyo.zone[Homepage]:: https://gensokyo.zone[Homepage]::
Service listing Service listing
<<./smb.adoc#,SMB Shares>>::
Network file shares
<<./network.adoc#,Home Network>>:: <<./network.adoc#,Home Network>>::
Local network subnets and IP address reservations Local network subnets and IP address reservations

44
docs/smb.adoc Normal file
View file

@ -0,0 +1,44 @@
= SMB
:guest: Guest access is available by logging in with a non-existent username and password.
== Shares
[[transfer]]
kyuuto-transfer::
Accessible via LAN only ([.pathvalue]#\\smb.local.gensokyo.zone\kyuuto-transfer#) with guest access{empty}footnote:guest[{guest}].
The transfer share used for quick file transfers onto the server for temporary sharing purposes.
Make sure to let someone know when you've added something here that should be moved to a media library or organized for some specific service!
[[library]]
kyuuto-library::
Accessible via LAN only ([.pathvalue]#\\smb.local.gensokyo.zone\kyuuto-library#) with read-only guest access{empty}footnote:guest[{guest}].
+
The Kyuuto library directory is where most media and shared data belongs.
Adding new files to an appropriate directory will typically automatically add it to the corresponding Plex library or similar.
[[library-net]]
kyuuto-library-net::
The <<library,Kyuuto library>> share is also available globally via [.pathvalue]#\\smb.gensokyo.zone\kyuuto-library-net#
kyuuto-media::
Top-level access to the disk containing the <<library,Kyuuto library>>.
shared::
Accessible both via LAN ([.pathvalue]#\\smb.local.gensokyo.zone\shared#) or globally ([.pathvalue]#\\smb.gensokyo.zone\shared#).
+
A special share used for remote working data, typically used to set up mount points or similar.
Services:::
* <<./steam.adoc#library,Steam Library>>
* <<./steam.adoc#setup,Steam>>
** <<./steam.adoc#beatsaber,Beat Saber>>
opl::
For local use by OPL only.

7
docs/steam.adoc
View file

@ -3,6 +3,7 @@
include::{inc}attrs.adoc[] include::{inc}attrs.adoc[]
:toc: :toc:
[[setup]]
== Setup == Setup
Environment Variables:: Environment Variables::
@ -15,6 +16,12 @@ Advanced System Settings (System Properties -> Advanced) -> Environment Variable
* [[env_GENSO_STEAM_LOCAL_DATA]] `GENSO_STEAM_LOCAL_DATA` = [.value]`+C:\Program Files\GensokyoZone+` or somewhere local to be used as scratch space * [[env_GENSO_STEAM_LOCAL_DATA]] `GENSO_STEAM_LOCAL_DATA` = [.value]`+C:\Program Files\GensokyoZone+` or somewhere local to be used as scratch space
* [[env_GENSO_STEAM_INSTALL]] `GENSO_STEAM_INSTALL` = [.value]`+C:\Program Files (x86)\Steam+` or wherever Steam is installed to * [[env_GENSO_STEAM_INSTALL]] `GENSO_STEAM_INSTALL` = [.value]`+C:\Program Files (x86)\Steam+` or wherever Steam is installed to
[[library]]
=== Library
A network share folder is reserved for storing and sharing Steam games.
Add a new library in Steam's settings to <<env_GENSO_SMB_SHARED_MOUNT,[.pathvalue]#%GENSO_SMB_SHARED_MOUNT%\steam\library#>> for access.
[[beatsaber]] [[beatsaber]]
== Beat Saber == Beat Saber

63
nixos/kyuuto/samba.nix
View file

@ -11,17 +11,15 @@
cfg = config.services.samba; cfg = config.services.samba;
localAddrs = cidrForNetwork.loopback.all ++ cidrForNetwork.local.all localAddrs = cidrForNetwork.loopback.all ++ cidrForNetwork.local.all
++ optionals config.services.tailscale.enable cidrForNetwork.tail.all; ++ optionals config.services.tailscale.enable cidrForNetwork.tail.all;
guestUsers = mkIf cfg.guest.enable [ cfg.guest.user ];
kyuuto-media = { kyuuto-media = {
path = kyuuto.mountDir;
comment = "Kyuuto Media";
writeable = true;
public = false;
"valid users" = [ "@kyuuto-peeps" ];
"acl group control" = true;
"create mask" = "0664"; "create mask" = "0664";
"force directory mode" = "3000"; "force directory mode" = "3000";
"directory mask" = "7775"; "directory mask" = "7775";
}; };
kyuuto-library = kyuuto-media // {
"acl group control" = true;
};
in { in {
services.samba = { services.samba = {
usershare = { usershare = {
@ -29,6 +27,19 @@ in {
path = mkDefault (kyuuto.mountDir + "/usershares"); path = mkDefault (kyuuto.mountDir + "/usershares");
}; };
shares = mkIf cfg.enable { shares = mkIf cfg.enable {
opl = {
comment = "Kyuuto Media OPL";
path = kyuuto.libraryDir + "/games/PS2";
writeable = false;
browseable = false;
public = false;
"valid users" = [
"opl"
"@kyuuto-peeps"
];
"read list" = [ "opl" ];
"hosts allow" = localAddrs;
};
kyuuto-transfer = { kyuuto-transfer = {
comment = "Kyuuto Media Transfer Area"; comment = "Kyuuto Media Transfer Area";
path = kyuuto.transferDir; path = kyuuto.transferDir;
@ -36,7 +47,7 @@ in {
browseable = true; browseable = true;
public = true; public = true;
"valid users" = mkMerge [ "valid users" = mkMerge [
(mkIf cfg.guest.enable [ cfg.guest.user ]) guestUsers
[ "@peeps" ] [ "@peeps" ]
]; ];
#"guest only" = true; #"guest only" = true;
@ -46,29 +57,43 @@ in {
"force directory mode" = "3000"; "force directory mode" = "3000";
"directory mask" = "7775"; "directory mask" = "7775";
}; };
kyuuto-library-access = { kyuuto-library = mkMerge [
kyuuto-library
{
path = kyuuto.libraryDir; path = kyuuto.libraryDir;
comment = "Kyuuto Library Access"; comment = "Kyuuto Library";
writeable = false; writeable = false;
browseable = true; browseable = true;
public = true; public = true;
"valid users" = mkMerge [ "valid users" = mkMerge [
(mkIf cfg.guest.enable [ cfg.guest.user ]) guestUsers
[ "@kyuuto-peeps" ] [ "@kyuuto-peeps" ]
]; ];
"hosts allow" = localAddrs; "read list" = guestUsers;
}; "write list" = [ "@kyuuto-peeps" ];
kyuuto-media = mkMerge [
kyuuto-media
{
browseable = true;
"hosts allow" = localAddrs; "hosts allow" = localAddrs;
} }
]; ];
kyuuto-media-global = mkMerge [ kyuuto-library-net = mkMerge [
kyuuto-library
{
path = kyuuto.libraryDir;
comment = "Kyuuto Library Access";
writeable = true;
public = false;
browseable = false;
"valid users" = [ "@kyuuto-peeps" ];
}
];
kyuuto-media = mkMerge [
kyuuto-media kyuuto-media
{ {
path = kyuuto.mountDir;
comment = "Kyuuto Media";
writeable = true;
public = false;
browseable = false; browseable = false;
"valid users" = [ "@kyuuto-peeps" ];
} }
]; ];
shared = { shared = {
@ -79,8 +104,8 @@ in {
browseable = false; browseable = false;
"valid users" = [ "@peeps" ]; "valid users" = [ "@peeps" ];
"create mask" = "0775"; "create mask" = "0775";
"force file mode" = "3010"; "force create mode" = "0010";
"force directory mode" = "3000"; "force directory mode" = "2000";
"directory mask" = "7775"; "directory mask" = "7775";
}; };
${cfg.usershare.templateShare} = mkIf cfg.usershare.enable { ${cfg.usershare.templateShare} = mkIf cfg.usershare.enable {

6
nixos/secrets/samba.yaml
View file

@ -1,4 +1,4 @@
smbpasswd: ENC[AES256_GCM,data:T9ajprFSoJ8zot3GKKT44Gkc18H/R2O/sVcwoxkCcn8cNQoD+uCOv7t9dDKnvGQKSF6FsC9WxUSL6ZetR0opxH5nvULGpc9WCoxFn6UPZpDRFtp9J3WMbFGNzw+dnwlKJQVy8WqAqajlpjV7+OR1Q+nYGm0EwIjO0JSqE5fX7FcDBzUQJr5gry14Dvzpzh04rOqsGD+aAGXcJLEJej7zLeALPCMOy21VdpKt0wzd1PfeowJCMdIoLAYTlGl33gbONIIEHefa1QY3jn6ZRGmoNF2qWmwueUguak9kdACtocUrJcUhnpbSC3h4HrNVTcMuvoL4SrJ/kxec+Xzv23zc5ylffkpT2XuKjk7M6uiwe+tgVczxvnGn5rtp33nBszausrO9JwD8I5l0pW+BSApdpaVwMv72cNdMRV9nPuUGY/uYlcQ7nTWKypJnmcbbcg/w+WWCfCdSx4HhWN26oQotivY+unrWL/uHkYjVUzefh2/s0cmBbS0wrV//haqkUFGw3oJgM7c6nHYnCNugdYhsrB8u2gRTy+jvZrnYY4ukuuoYiLrXOYVcS38Co8PphCX2h/wnwzVyneaWHg5ttkvf+cEU6on3efzSKZamt+HsbwHB5M/4oiUEDWMH4K6X/xF3cTgHTV6bxUTL/jzLNwW6tKl9bjHnkAjNb6iYOIVXT5KjxpLfcwXr/SvRCINNN1enAEU=,iv:rXRyeDF7kUtfcOhHI8ILCCg9vpHDzCKn4K/2J/dEZLw=,tag:OZ7r2mu9xPTI7JJlddafkg==,type:str] smbpasswd: ENC[AES256_GCM,data:W77mPgQ4sgdEsYgL271Kw34oHXYqMgGOM13KhY6XKlMVpIu1iznzuECXEG/6tDpv7J6hCMex8i4FMy85mUb2a/FLscx+vF7ncSATKZSGSKZZgU/kc5qGqM2yJrm7TnvmjSt7YRJfXBACM2h5X6eVKZ+0mtOAoQD72JLyM7aO8W4z4XyQQpudCqnpmNT5s8icHJGjRQubIm/25Znw8y5RME/OrA2/YkuGXeCNT7dEqHl6/KiH94//+XhCKij8lSV3iaE7ZKLiA3bqQJmp2n8Owvd+cDVZ1wWQU0TQGE1aAKysiHg1Yc1io7ek0t9UxyE5ZrOyifiWv6f2jdxbA7dvIihmlP0XWghdo30T9v4GE97cuNRG2rJTZEi3lP9Qy7Y4yS/XWRfSPLQnZ0D5xvuNxbVbXUR8OBcBlLeG6TFKtLPJgRr8oUrxw/03MHT8wxAOrfFPUYofd377DBIXQSv2Jbxg8117yAI1a/fBl8zFBrdkKDQvUjOSTTlCJ6J9goNe0Ra91noh9GMDC4qRzNheC22QVKWYExbtKyW0+OeIrpTfJ/1Ml1Jrb+FRjS0CDOHgHwYOqaPiyp1tlIgqhYEb3gIF7Ru69A1ctNdugaZAgz83Z951T2kpBNYguIoJn09X/MBq7ZKToWrFBi0kgOCnGbJfC9MusXGdJ1275Co6Xiaq2/mOWRwsH0e6HEjzSaFoOMgDe5jtq4+UIhbbS9u1dvn8/mR4mR/MsHDsT3FUWQ+c3C04/zTdJbt91w/f9PEs+Zi4qKwsyG0AtHzVV8/NADU4xAr1GFYBL9crMe/Y1vvPFXzpIlnfQrg+vYXE9vqXTXOgFB8KKUlT,iv:Ciw/zsXUiITP9vZJgvb9hDRgPZ1jSFISK+8Dqb2DeOs=,tag:Hn/k1t7AmM60tc6fOjj35w==,type:str]
sops: sops:
shamir_threshold: 1 shamir_threshold: 1
kms: [] kms: []
@ -42,8 +42,8 @@ sops:
VitlT3d6d1FOSzFKTFRIWDU3cmJ2aXMKDN7HPa6pQSZd21cLvfk+sYvLqZm9eN+7 VitlT3d6d1FOSzFKTFRIWDU3cmJ2aXMKDN7HPa6pQSZd21cLvfk+sYvLqZm9eN+7
K1v7M9MXLY+nh1YGGbtDbWHh09p8g37tS1OwgGAiETh+z7hWsGHYdw== K1v7M9MXLY+nh1YGGbtDbWHh09p8g37tS1OwgGAiETh+z7hWsGHYdw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-09T21:54:53Z" lastmodified: "2024-02-28T21:51:11Z"
mac: ENC[AES256_GCM,data:tlGNpKn6rWCawNkmCdWJZRQqmNhDHFg5qAxMWRJ7A76I8/1XPZHXjG8m1vw9VaP3XDO15FPrLDUsAsVImXs0xc769GzlYsOa/WhjSbtrbT+WsAU6nXMs1OksKhzeAzCnQ04VCJPowMk09XIASZbIuES1+V6bFFgJbiK44UTHkW0=,iv:Hl+VzbDMI37nSaU4PHZ86362s6zqJWQ35J+qgSG3w20=,tag:uqMjhJ9eqgDsX587f0UCNQ==,type:str] mac: ENC[AES256_GCM,data:nHX08Itwgn4HI98tzq08VOwVG+bZGlBYMUe19SEECo9dRpH9P5eApV1ho8RknPHrTv6m3PBvapaIsTjp7uDVajjXRDKcWCb+5wYN+g0FHTSICohoRvwq0JNqHFszW+CnT5EdMw4V09B94LwDJB2YRABCTwPn2x69p8QU3GLjhrY=,iv:tCYrAcJLV5+OqL3wHNMRA4kxNZo2m73MgUXlCpAGSZg=,tag:6JndAJnSveti0jxqyOAbuw==,type:str]
pgp: pgp:
- created_at: "2024-01-30T22:23:56Z" - created_at: "2024-01-30T22:23:56Z"
enc: |- enc: |-

5
nixos/users/groups.nix
View file

@ -45,5 +45,10 @@ in {
group = "admin"; group = "admin";
isSystemUser = true; isSystemUser = true;
}; };
opl = {
uid = 8125;
group = "nogroup";
isSystemUser = true;
};
}; };
} }