l icarus.r: share prism in local network
This commit is contained in:
parent
c3e644d0f5
commit
7d971fc78e
|
@ -18,6 +18,8 @@
|
||||||
<stockholm/lass/2configs/wine.nix>
|
<stockholm/lass/2configs/wine.nix>
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
|
<stockholm/lass/2configs/prism-share.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.icarus;
|
krebs.build.host = config.krebs.hosts.icarus;
|
||||||
|
|
39
lass/2configs/prism-share.nix
Normal file
39
lass/2configs/prism-share.nix
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-p tcp --dport 139"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p tcp --dport 445"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p udp --dport 137"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p udp --dport 138"; target = "ACCEPT"; }
|
||||||
|
];
|
||||||
|
users.users.smbguest = {
|
||||||
|
name = "smbguest";
|
||||||
|
uid = config.ids.uids.smbguest;
|
||||||
|
description = "smb guest user";
|
||||||
|
home = "/home/share";
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
services.samba = {
|
||||||
|
enable = true;
|
||||||
|
enableNmbd = true;
|
||||||
|
shares = {
|
||||||
|
incoming = {
|
||||||
|
path = "/mnt/prism";
|
||||||
|
"read only" = "no";
|
||||||
|
browseable = "yes";
|
||||||
|
"guest ok" = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
extraConfig = ''
|
||||||
|
guest account = smbguest
|
||||||
|
map to guest = bad user
|
||||||
|
# disable printing
|
||||||
|
load printers = no
|
||||||
|
printing = bsd
|
||||||
|
printcap name = /dev/null
|
||||||
|
disable spoolss = yes
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user