summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/share
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-07-28 22:24:15 +0200
committermakefu <github@syntax-fehler.de>2023-07-28 22:24:15 +0200
commit060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch)
tree2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/2configs/share
parentcbfcc890e3b76d942b927809bf981a5fa7289e6a (diff)
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/2configs/share')
-rw-r--r--makefu/2configs/share/anon-ftp.nix31
-rw-r--r--makefu/2configs/share/anon-sftp.nix25
-rw-r--r--makefu/2configs/share/default.nix29
-rw-r--r--makefu/2configs/share/gum-client.nix31
-rw-r--r--makefu/2configs/share/gum.nix36
-rw-r--r--makefu/2configs/share/hetzner-client.nix29
-rw-r--r--makefu/2configs/share/omo-client.nix28
-rw-r--r--makefu/2configs/share/omo-timemachine.nix19
-rw-r--r--makefu/2configs/share/omo.nix111
-rw-r--r--makefu/2configs/share/temp-share-samba.nix45
-rw-r--r--makefu/2configs/share/wbob.nix47
11 files changed, 0 insertions, 431 deletions
diff --git a/makefu/2configs/share/anon-ftp.nix b/makefu/2configs/share/anon-ftp.nix
deleted file mode 100644
index d2a535f97..000000000
--- a/makefu/2configs/share/anon-ftp.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ config, lib, ... }:
-let
- ftpdir = "/data";
-in {
- networking.firewall = {
- allowedTCPPorts = [ 20 21 ];
- autoLoadConntrackHelpers = true;
- connectionTrackingModules = [ "ftp" ];
- extraCommands = ''
- iptables -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp
- '';
- };
- systemd.services.vsftpd.preStart = lib.mkForce ''
- mkdir -p -m755 ${ftpdir}/incoming
- chown root:root ${ftpdir}
- chown ftp ${ftpdir}/incoming
- '';
- services.vsftpd = {
- enable = true;
- extraConfig = ''
- ftpd_banner=Welcome to the krebs share, use the incoming dir for new and old leaks. Join freenode#krebs
- '';
- anonymousUser = true;
- anonymousUserNoPassword = true;
- anonymousUploadEnable = true;
- anonymousMkdirEnable = true;
- writeEnable = true;
- chrootlocalUser = true;
- anonymousUserHome = ftpdir;
- };
-}
diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix
deleted file mode 100644
index 7cde9317a..000000000
--- a/makefu/2configs/share/anon-sftp.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-{
- services.openssh = {
- allowSFTP = true;
- sftpFlags = [ "-l VERBOSE" ];
- extraConfig = ''
- Match User anonymous
- ForceCommand internal-sftp
- AllowTcpForwarding no
- X11Forwarding no
- PasswordAuthentication no
- '';
- };
-
- users.users.anonymous = {
- uid = genid "anonymous";
- useDefaultShell = false;
- password = "anonymous";
- home = "/media/anon";
- createHome = true;
- };
-
-}
diff --git a/makefu/2configs/share/default.nix b/makefu/2configs/share/default.nix
deleted file mode 100644
index a1ad349b9..000000000
--- a/makefu/2configs/share/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, lib, ... }:
-with import <stockholm/lib>;
-let
- base-dir = config.services.rtorrent.downloadDir;
-in {
- users.users = {
- download = {
- name = "download";
- home = base-dir;
- isNormalUser = true;
- uid = mkDefault (genid "download");
- createHome = false;
- useDefaultShell = true;
- group = "download";
- openssh.authorizedKeys.keys = [ ];
- };
- };
-
- users.groups = {
- download = {
- gid = lib.mkDefault (genid "download");
- members = [
- config.krebs.build.user.name
- "download"
- ];
- };
- };
-
-}
diff --git a/makefu/2configs/share/gum-client.nix b/makefu/2configs/share/gum-client.nix
deleted file mode 100644
index 09a3dd733..000000000
--- a/makefu/2configs/share/gum-client.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
- automount_opts =
- [ "x-systemd.automount" "noauto"
- "x-systemd.idle-timeout=300"
- "x-systemd.mount-timeout=60s"
- ];
- host = "gum.w"; #TODO
-in {
- boot.extraModprobeConfig = ''
- options cifs CIFSMaxBufSize=130048
- '';
- fileSystems."/media/cloud" = {
- device = "//${host}/cloud-proxy";
- fsType = "cifs";
- options = automount_opts ++
- [ "credentials=/var/src/secrets/download.smb"
- "file_mode=0775"
- "dir_mode=0775"
- "bsize=8388608"
- "fsc"
- "rsize=130048"
- "cache=loose"
- "uid=${toString config.users.users.download.uid}"
- "gid=${toString config.users.groups.download.gid}"
- "vers=3"
- ];
- };
-
-}
diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix
deleted file mode 100644
index 9647e0a6c..000000000
--- a/makefu/2configs/share/gum.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
- hostname = config.krebs.build.host.name;
-in {
- # users.users.smbguest = {
- # name = "smbguest";
- # uid = config.ids.uids.smbguest;
- # description = "smb guest user";
- # home = "/var/empty";
- # };
- environment.systemPackages = [ pkgs.samba ];
- services.samba = {
- enable = true;
- shares = {
- cloud-proxy = {
- path = "/media/cloud";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "no";
- "valid users" = "download";
- };
- };
- extraConfig = ''
- # guest account = smbguest
- # map to guest = bad user
- # disable printing
- load printers = no
- printing = bsd
- printcap name = /dev/null
- disable spoolss = yes
- '';
- };
- networking.firewall.interfaces.retiolum.allowedTCPPorts = [ 445 ];
- networking.firewall.interfaces.wiregrill.allowedTCPPorts = [ 445 ];
-}
diff --git a/makefu/2configs/share/hetzner-client.nix b/makefu/2configs/share/hetzner-client.nix
deleted file mode 100644
index 9713b776a..000000000
--- a/makefu/2configs/share/hetzner-client.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with <stockholm/lib>;
-let
- automount_opts =
- ["nofail"
- ];
- host = "u288834.your-storagebox.de";
-in {
- boot.kernel.sysctl."net.ipv6.route.max_size" = 2147483647;
-
- fileSystems."/media/cloud" = {
- device = "//${host}/backup";
- fsType = "cifs";
- options = automount_opts ++
- [ "credentials=${toString <secrets/hetzner.smb>}"
- "file_mode=0770"
- "dir_mode=0770"
- "uid=${toString config.users.users.download.uid}"
- "gid=${toString config.users.groups.download.gid}"
- "vers=3"
- #"vers=2.1"
- "rsize=65536"
- "wsize=130048"
- "iocharset=utf8"
- "cache=loose"
- ];
- };
-}
diff --git a/makefu/2configs/share/omo-client.nix b/makefu/2configs/share/omo-client.nix
deleted file mode 100644
index 4ad32bdd6..000000000
--- a/makefu/2configs/share/omo-client.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
- automount_opts =
- [ "x-systemd.automount"
- "noauto" "x-systemd.idle-timeout=600"
- "x-systemd.device-timeout=5s"
- "x-systemd.mount-timeout=5s"
- ];
- host = "omo.lan"; #TODO
- path = "/media/omo/photos";
-in {
- systemd.tmpfiles.rules = [
- "d ${path} root root - -"
- ];
- fileSystems."${path}" = {
- device = "//${host}/photos";
- fsType = "cifs";
- options = automount_opts ++
- [ "credentials=/var/src/secrets/omo-client.smb"
- "file_mode=0775"
- "dir_mode=0775"
- "uid=9001"
- "vers=3"
- ];
- };
-
-}
diff --git a/makefu/2configs/share/omo-timemachine.nix b/makefu/2configs/share/omo-timemachine.nix
deleted file mode 100644
index 18cf0328e..000000000
--- a/makefu/2configs/share/omo-timemachine.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{ pkgs, ... }:
-{
- services.samba = {
- # support for timemachine in git
- package = pkgs.sambaFull;
- shares = {
- time_machine = {
- path = "/media/crypt3/backup/time_machine";
- "valid users" = "misa";
- public = "no";
- writeable = "yes";
- "force user" = "misa";
- "fruit:aapl" = "yes";
- "fruit:time machine" = "yes";
- "vfs objects" = "catia fruit streams_xattr";
- };
- };
- };
-}
diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix
deleted file mode 100644
index 16959bc90..000000000
--- a/makefu/2configs/share/omo.nix
+++ /dev/null
@@ -1,111 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- hostname = config.krebs.build.host.name;
- # TODO local-ip from the nets config
- internal-ip = "192.168.111.11";
- # local-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
-in {
-
- # samba share /media/crypt1/share
- systemd.services.samba-smbd.serviceConfig.RequiresMountFor = [ "/media/cryptX" ];
- users.users.smbguest = {
- name = "smbguest";
- uid = config.ids.uids.smbguest;
- description = "smb guest user";
- home = "/var/empty";
- group = "share";
- };
- users.groups.share = {};
- services.samba = {
- enable = true;
- shares = {
- winshare = {
- path = "/media/crypt1/share";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "yes";
- };
- emu = {
- path = "/media/crypt1/emu";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- movies = {
- path = "/media/cryptX/movies";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- audiobook = {
- path = "/media/crypt1/audiobooks";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- crypt0 = {
- path = "/media/crypt0";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- anime = {
- path = "/media/cryptX/anime";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- serien = {
- path = "/media/cryptX/series";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- youtube = {
- path = "/media/cryptX/youtube";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- photos = {
- path = "/media/cryptX/photos";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- crypX-games = {
- path = "/media/cryptX/games";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- media-rw = {
- path = "/media/";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "no";
- "valid users" = "makefu";
- };
- #cloud = {
- # path = "/media/cloud/download/finished";
- # "read only" = "no";
- # browseable = "yes";
- # "guest ok" = "yes";
- #};
- };
- extraConfig = ''
- guest account = smbguest
- map to guest = bad user
- # disable printing
- load printers = no
- printing = bsd
- printcap name = /dev/null
- disable spoolss = yes
- workgroup = WORKGROUP
- server string = ${config.networking.hostName}
- netbios name = ${config.networking.hostName}
- '';
- };
-}
diff --git a/makefu/2configs/share/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix
deleted file mode 100644
index bcfddc112..000000000
--- a/makefu/2configs/share/temp-share-samba.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{config, ... }:{
- services.avahi = {
- enable = true;
- interfaces = [ config.makefu.server.primary-itf ];
- publish.enable = true;
- publish.userServices = true;
- };
- networking.firewall.allowedUDPPorts = [ 137 138 ];
- networking.firewall.allowedTCPPorts = [ 139 445 ];
- users.users.smbguest = {
- name = "smbguest";
- uid = config.ids.uids.smbguest; # effectively systemUser
- description = "smb guest user";
- home = "/home/share";
- createHome = true;
- group = "smbguest";
- };
- users.groups.smbguest = {};
- services.samba = {
- enable = true;
- shares = {
- share-home = {
- path = "/home/share/";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "yes";
- };
- movies = {
- path = "/home/makefu/movies";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- };
- extraConfig = ''
- guest account = smbguest
- map to guest = bad user
- # disable printing
- load printers = no
- printing = bsd
- printcap name = /dev/null
- disable spoolss = yes
- '';
- };
-}
diff --git a/makefu/2configs/share/wbob.nix b/makefu/2configs/share/wbob.nix
deleted file mode 100644
index 9e5f8ddf5..000000000
--- a/makefu/2configs/share/wbob.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{config, ... }:{
- networking.firewall.allowedUDPPorts = [ 137 138 ];
- networking.firewall.allowedTCPPorts = [ 139 445 ];
- users.users.smbguest = {
- name = "smbguest";
- uid = config.ids.uids.smbguest; # effectively systemUser
- description = "smb guest user";
- home = "/home/share";
- createHome = true;
- group = "smbguest";
- };
- users.groups.smbguest = {};
- users.groups.mpd.members = [ "makefu" ];
- services.samba = {
- enable = true;
- enableNmbd = true;
- shares = {
- incoming = {
- path = "/data/incoming";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "yes";
- };
- data = {
- path = "/data/";
- "read only" = "yes";
- browseable = "yes";
- "guest ok" = "yes";
- };
- music-rw = {
- path = "/data/music";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "no";
- };
- };
- extraConfig = ''
- guest account = smbguest
- map to guest = bad user
- # disable printing
- load printers = no
- printing = bsd
- printcap name = /dev/null
- disable spoolss = yes
- '';
- };
-}