zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Require auth for public samba share

Browse Source
This commit is contained in:
Zuckerberg 2022-05-16 13:22:00 -04:00
parent 8a1e0b76f1
commit 63902fcb46
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
common/pc/mount-samba.nix
View File

@ -12,7 +12,7 @@ let
auth_opts = "credentials=/run/agenix/smb-secrets"; auth_opts = "credentials=/run/agenix/smb-secrets";
version_opts = "vers=2.1"; version_opts = "vers=2.1";
opts = "${network_opts},${user_opts},${version_opts}"; opts = "${network_opts},${user_opts},${version_opts},${auth_opts}";
in { in {
options.services.mount-samba = { options.services.mount-samba = {
enable = lib.mkEnableOption "enable mounting samba shares"; enable = lib.mkEnableOption "enable mounting samba shares";
@ -22,13 +22,13 @@ in {
fileSystems."/mnt/public" = { fileSystems."/mnt/public" = {
device = "//s0.zt.neet.dev/public"; device = "//s0.zt.neet.dev/public";
fsType = "cifs"; fsType = "cifs";
options = ["guest,${opts}"]; options = [ opts ];
}; };
fileSystems."/mnt/private" = { fileSystems."/mnt/private" = {
device = "//s0.zt.neet.dev/googlebot"; device = "//s0.zt.neet.dev/googlebot";
fsType = "cifs"; fsType = "cifs";
options = ["${auth_opts},${opts}"]; options = [ opts ];
}; };
age.secrets.smb-secrets.file = ../../secrets/smb-secrets.age; age.secrets.smb-secrets.file = ../../secrets/smb-secrets.age;

2
common/server/samba.nix
View File

@ -35,7 +35,7 @@
path = "/data/samba/Public"; path = "/data/samba/Public";
browseable = "yes"; browseable = "yes";
"read only" = "no"; "read only" = "no";
"guest ok" = "yes"; "guest ok" = "no";
"create mask" = "0644"; "create mask" = "0644";
"directory mask" = "0755"; "directory mask" = "0755";
"force user" = "public_data"; "force user" = "public_data";