Compare commits
4 commits
715239373d
...
a55db1401a
Author | SHA1 | Date | |
---|---|---|---|
a55db1401a | |||
ced8aa083e | |||
e94ec78209 | |||
78f9908a26 |
7 changed files with 103 additions and 10 deletions
11
nixos/hosts/gandalf/config/samba-config.nix
Normal file
11
nixos/hosts/gandalf/config/samba-config.nix
Normal file
|
@ -0,0 +1,11 @@
|
|||
{ config, ... }:
|
||||
''
|
||||
workgroup = WORKGROUP
|
||||
server string = gandalf
|
||||
netbios name = gandalf
|
||||
security = user
|
||||
# note: localhost is the ipv6 localhost ::1
|
||||
hosts allow = 0.0.0.0/0
|
||||
guest account = nobody
|
||||
map to guest = bad user
|
||||
''
|
44
nixos/hosts/gandalf/config/samba-shares.nix
Normal file
44
nixos/hosts/gandalf/config/samba-shares.nix
Normal file
|
@ -0,0 +1,44 @@
|
|||
{ ... }: {
|
||||
xen = {
|
||||
path = "/eru/xen-backups";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "no";
|
||||
"create mask" = "0644";
|
||||
"directory mask" = "0755";
|
||||
"force user" = "apps";
|
||||
"force group" = "apps";
|
||||
};
|
||||
hansonhive = {
|
||||
path = "/eru/hansonhive";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "no";
|
||||
"create mask" = "0644";
|
||||
"directory mask" = "0755";
|
||||
"force user" = "www-data";
|
||||
"force group" = "www-data";
|
||||
};
|
||||
tm_joe = {
|
||||
path = "/eru/tm_joe";
|
||||
"valid users" = "jahanson";
|
||||
public = "no";
|
||||
writeable = "yes";
|
||||
"guest ok" = "no";
|
||||
"force user" = "jahanson";
|
||||
"fruit:aapl" = "yes";
|
||||
"fruit:time machine" = "yes";
|
||||
"vfs objects" = "catia fruit streams_xattr";
|
||||
};
|
||||
tm_elisia = {
|
||||
path = "/eru/tm_elisia";
|
||||
"valid users" = "emhanson";
|
||||
public = "no";
|
||||
writeable = "yes";
|
||||
"guest ok" = "no";
|
||||
"force user" = "emhanson";
|
||||
"fruit:aapl" = "yes";
|
||||
"fruit:time machine" = "yes";
|
||||
"vfs objects" = "catia fruit streams_xattr";
|
||||
};
|
||||
}
|
|
@ -10,11 +10,15 @@
|
|||
];
|
||||
|
||||
boot = {
|
||||
initrd.availableKernelModules = [ "ehci_pci" "ahci" "mpt3sas" "isci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
initrd.kernelModules = [ ];
|
||||
initrd = {
|
||||
availableKernelModules = [ "ehci_pci" "ahci" "mpt3sas" "isci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
kernelModules = [ "nfs" ];
|
||||
supportedFilesystems = [ "nfs" ];
|
||||
};
|
||||
|
||||
kernelModules = [ "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
|
||||
extraModulePackages = [ ];
|
||||
kernelParams = [ "iommu=pt" "intel_iommu=on" ];
|
||||
kernelParams = [ "iommu=pt" "intel_iommu=on" "zfs.zfs_arc_max=107374182400" ]; # 100GB
|
||||
};
|
||||
|
||||
# Network settings
|
||||
|
@ -65,6 +69,17 @@
|
|||
# System settings and services.
|
||||
mySystem = {
|
||||
purpose = "Production";
|
||||
system.motd.networkInterfaces = [ "enp130s0f0" "enp130s0f1" ];
|
||||
system = {
|
||||
motd.networkInterfaces = [ "enp130s0f0" "enp130s0f1" ];
|
||||
# ZFS
|
||||
zfs.enable = true;
|
||||
zfs.mountPoolsAtBoot = [ "eru" ];
|
||||
# NFS
|
||||
nfs.enable = true;
|
||||
# Samba
|
||||
samba.enable = true;
|
||||
samba.shares = import ./config/samba-shares.nix { };
|
||||
samba.extraConfig = import ./config/samba-config.nix { };
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@ let
|
|||
in
|
||||
{
|
||||
options.mySystem.services.haproxy = {
|
||||
enable = mkEnableOption "haproxy";
|
||||
enable = mkEnableOption "haproxy" // { default = false; };
|
||||
package = mkPackageOption pkgs "haproxy" { };
|
||||
config = mkOption {
|
||||
type = types.str;
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
./pushover
|
||||
./security.nix
|
||||
./systempackages.nix
|
||||
./samba
|
||||
./time.nix
|
||||
./zfs.nix
|
||||
];
|
||||
|
|
25
nixos/modules/nixos/system/samba/default.nix
Normal file
25
nixos/modules/nixos/system/samba/default.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ lib, config, ... }:
|
||||
let
|
||||
cfg = config.mySystem.services.samba;
|
||||
in
|
||||
{
|
||||
options.mySystem.services.samba = {
|
||||
enable = lib.mkEnableOption "samba";
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
};
|
||||
|
||||
shares = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.attrsOf lib.types.unspecified);
|
||||
default = "";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.samba.enable = true;
|
||||
services.samba.extraConfig = cfg.extraConfig;
|
||||
services.samba.shares = cfg.shares;
|
||||
services.samba.openFirewall = true;
|
||||
};
|
||||
}
|
|
@ -2,9 +2,6 @@
|
|||
with lib;
|
||||
{
|
||||
boot = {
|
||||
# for managing/mounting nfs
|
||||
supportedFilesystems = [ "nfs" ];
|
||||
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
|
|
Loading…
Reference in a new issue