gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore(kyuuto): dial in more settings

Browse source
This commit is contained in:
arcnmx 2024-02-09 17:20:36 -08:00
parent d57c3e7b1a
commit b4e6cdac9d
3 changed files with 28 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/nixos/samba.nix
View file

@ -139,6 +139,9 @@ in {
}) })
]; ];
settings = mkMerge ([ settings = mkMerge ([
{
"use sendfile" = mkOptionDefault true;
}
(mkIf (cfg.passdb.smbpasswd.path != null) { (mkIf (cfg.passdb.smbpasswd.path != null) {
"passdb backend" = mkOptionDefault "smbpasswd:${cfg.passdb.smbpasswd.path}"; "passdb backend" = mkOptionDefault "smbpasswd:${cfg.passdb.smbpasswd.path}";
}) })
@ -163,7 +166,6 @@ in {
(mkIf cfg.guest.enable { (mkIf cfg.guest.enable {
"map to guest" = mkOptionDefault "Bad User"; "map to guest" = mkOptionDefault "Bad User";
"guest account" = mkOptionDefault cfg.guest.user; "guest account" = mkOptionDefault cfg.guest.user;
"valid users" = [ cfg.guest.user ];
}) })
] ++ mapAttrsToList (_: idmap: mapAttrs' (key: value: nameValuePair "idmap config ${idmap.domain} : ${key}" (mkOptionDefault value)) idmap.settings) cfg.idmap.domains); ] ++ mapAttrsToList (_: idmap: mapAttrs' (key: value: nameValuePair "idmap config ${idmap.domain} : ${key}" (mkOptionDefault value)) idmap.settings) cfg.idmap.domains);
extraConfig = mkMerge (mapAttrsToList (key: value: ''${key} = ${settingValue value}'') cfg.settings); extraConfig = mkMerge (mapAttrsToList (key: value: ''${key} = ${settingValue value}'') cfg.settings);

19
nixos/kyuuto/samba.nix
View file

@ -4,7 +4,7 @@
lib, lib,
... ...
}: let }: let
inherit (lib.modules) mkIf mkDefault; inherit (lib.modules) mkIf mkMerge mkDefault;
inherit (lib.lists) optionals; inherit (lib.lists) optionals;
inherit (config.networking.access) cidrForNetwork; inherit (config.networking.access) cidrForNetwork;
inherit (config) kyuuto; inherit (config) kyuuto;
@ -24,6 +24,10 @@ in {
writeable = true; writeable = true;
browseable = true; browseable = true;
public = true; public = true;
"valid users" = mkMerge [
(mkIf cfg.guest.enable [ cfg.guest.user ])
[ "@peeps" ]
];
#"guest only" = true; #"guest only" = true;
"hosts allow" = localAddrs; "hosts allow" = localAddrs;
"acl group control" = true; "acl group control" = true;
@ -37,6 +41,10 @@ in {
writeable = false; writeable = false;
browseable = true; browseable = true;
public = true; public = true;
"valid users" = mkMerge [
(mkIf cfg.guest.enable [ cfg.guest.user ])
[ "@kyuuto-peeps" ]
];
"hosts allow" = localAddrs; "hosts allow" = localAddrs;
}; };
kyuuto-media = { kyuuto-media = {
@ -51,6 +59,15 @@ in {
"force directory mode" = "3000"; "force directory mode" = "3000";
"directory mask" = "7775"; "directory mask" = "7775";
}; };
${cfg.usershare.templateShare} = mkIf cfg.usershare.enable {
writeable = true;
browseable = true;
public = false;
"valid users" = [ "@peeps" ];
"create mask" = "0664";
"force directory mode" = "5000";
"directory mask" = "7775";
};
}; };
}; };

8
nixos/samba.nix
View file

@ -34,11 +34,17 @@ in {
"winbind scan trusted domains" = false; "winbind scan trusted domains" = false;
"winbind use default domain" = true; "winbind use default domain" = true;
"domain master" = false; "domain master" = false;
"valid users" = [ "@peeps" ];
"remote announce" = mkIf hasIpv4 [ "remote announce" = mkIf hasIpv4 [
"10.1.1.255/${cfg.settings.workgroup}" "10.1.1.255/${cfg.settings.workgroup}"
]; ];
}; };
idmap.domains = mkIf (!cfg.ldap.enable) {
nss = {
backend = "nss";
domain = "*";
range.min = 8000;
};
};
}; };
services.samba-wsdd = { services.samba-wsdd = {