From 1bb464f9660f61e267ffbd0b457a32500a515aa7 Mon Sep 17 00:00:00 2001
From: Zuckerberg <zuckerberg@neet.dev>
Date: Thu, 7 Apr 2022 12:27:49 -0400
Subject: [PATCH] NAS Samba+Plex

---
 common/server/default.nix             |  1 +
 common/server/samba.nix               | 88 +++++++++++++++++++++++++++
 machines/storage/s0/configuration.nix |  9 +++
 3 files changed, 98 insertions(+)
 create mode 100644 common/server/samba.nix

diff --git a/common/server/default.nix b/common/server/default.nix
index 7206e5f..7101367 100644
--- a/common/server/default.nix
+++ b/common/server/default.nix
@@ -12,5 +12,6 @@
     ./gitea.nix
     ./privatebin/privatebin.nix
     ./radio.nix
+    ./samba.nix
   ];
 }
\ No newline at end of file
diff --git a/common/server/samba.nix b/common/server/samba.nix
new file mode 100644
index 0000000..b7d0544
--- /dev/null
+++ b/common/server/samba.nix
@@ -0,0 +1,88 @@
+{ config, lib, pkgs, ... }:
+
+{
+  config = lib.mkIf config.services.samba.enable {
+    services.samba = {
+      openFirewall = true;
+      package = pkgs.sambaFull; # printer sharing
+      securityType = "user";
+
+      # should this be on?
+      nsswins = true;
+
+      extraConfig = ''
+        workgroup = HOME
+        server string = smbnix
+        netbios name = smbnix
+        security = user 
+        use sendfile = yes
+        min protocol = smb2
+        guest account = nobody
+        map to guest = bad user
+
+        # printing
+        load printers = yes
+        printing = cups
+        printcap name = cups
+      '';
+
+      shares = {
+        public = {
+          path = "/data/samba/Public";
+          browseable = "yes";
+          "read only" = "no";
+          "guest ok" = "yes";
+          "create mask" = "0644";
+          "directory mask" = "0755";
+          "force user" = "googlebot";
+          "force group" = "public_data";
+        };
+        private = {
+          path = "/data/samba/Private";
+          browseable = "yes";
+          "read only" = "no";
+          "guest ok" = "no";
+          "create mask" = "0644";
+          "directory mask" = "0755";
+          "force user" = "googlebot";
+          "force group" = "users";
+        };
+        printers = {
+          comment = "All Printers";
+          path = "/var/spool/samba";
+          public = "yes";
+          browseable = "yes";
+          # to allow user 'guest account' to print.
+          "guest ok" = "yes";
+          writable = "no";
+          printable = "yes";
+          "create mode" = 0700;
+        };
+      };
+    };
+
+    # Windows discovery of samba server
+    services.samba-wsdd = {
+      enable = true;
+
+      # are these needed?
+      workgroup = "HOME";
+      hoplimit = 3;
+      discovery = true;
+    };
+    networking.firewall.allowedTCPPorts = [ 5357 ];
+    networking.firewall.allowedUDPPorts = [ 3702 ];
+
+    # Printer discovery
+    # (is this needed?)
+    services.avahi.enable = true;
+    services.avahi.nssmdns = true;
+
+    # printer sharing
+    systemd.tmpfiles.rules = [
+      "d /var/spool/samba 1777 root root -"
+    ];
+
+    users.groups.public_data = {};
+  };
+}
\ No newline at end of file
diff --git a/machines/storage/s0/configuration.nix b/machines/storage/s0/configuration.nix
index 5d811ad..95e24c7 100644
--- a/machines/storage/s0/configuration.nix
+++ b/machines/storage/s0/configuration.nix
@@ -24,4 +24,13 @@
   users.users.googlebot.packages = with pkgs; [
     bcachefs-tools
   ];
+
+  services.samba.enable = true;
+
+  services.plex = {
+    enable = true;
+    openFirewall = true;
+    dataDir = "/data/plex";
+  };
+  users.users.${config.services.plex.user}.extraGroups = [ "public_data" ];
 }