Merge remote-tracking branch 'lass/master'

1 files changed, 39 insertions, 0 deletions

diff --git a/lass/2configs/prism-share.nix b/lass/2configs/prism-share.nix
new file mode 100644
index 000000000..70e616ec6
--- /dev/null
+++ b/lass/2configs/prism-share.nix
@@ -0,0 +1,39 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }:
+
+{
+  krebs.iptables.tables.filter.INPUT.rules = [
+    { predicate = "-p tcp --dport 139"; target = "ACCEPT"; }
+    { predicate = "-p tcp --dport 445"; target = "ACCEPT"; }
+    { predicate = "-p udp --dport 137"; target = "ACCEPT"; }
+    { predicate = "-p udp --dport 138"; target = "ACCEPT"; }
+  ];
+  users.users.smbguest = {
+    name = "smbguest";
+    uid = config.ids.uids.smbguest;
+    description = "smb guest user";
+    home = "/home/share";
+    createHome = true;
+  };
+  services.samba = {
+    enable = true;
+    enableNmbd = true;
+    shares = {
+      incoming = {
+        path = "/mnt/prism";
+        "read only" = "no";
+        browseable = "yes";
+        "guest ok" = "yes";
+      };
+    };
+    extraConfig = ''
+      guest account = smbguest
+      map to guest = bad user
+      # disable printing
+      load printers = no
+      printing = bsd
+      printcap name = /dev/null
+      disable spoolss = yes
+    '';
+  };
+}