From 44e0c5153ca6a65ee130f30ea8466906deedcada Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 1 Feb 2016 22:01:41 +0100 Subject: ma 1 omo: add shares --- makefu/1systems/omo.nix | 30 +--------------- makefu/2configs/nginx/omo-share.nix | 34 ------------------- makefu/2configs/omo-share.nix | 68 +++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 63 deletions(-) delete mode 100644 makefu/2configs/nginx/omo-share.nix create mode 100644 makefu/2configs/omo-share.nix diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index 19183fea8..e9c51f485 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -28,7 +28,7 @@ in { ../2configs/smart-monitor.nix ../2configs/mail-client.nix ../2configs/share-user-sftp.nix - ../2configs/nginx/omo-share.nix + ../2configs/omo-share.nix ../3modules ]; networking.firewall.trustedInterfaces = [ "enp3s0" ]; @@ -42,34 +42,6 @@ in { # services.openssh.allowSFTP = false; krebs.build.source.git.nixpkgs.rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce"; - # samba share /media/crypt1/share - users.users.smbguest = { - name = "smbguest"; - uid = config.ids.uids.smbguest; - description = "smb guest user"; - home = "/var/empty"; - }; - services.samba = { - enable = true; - shares = { - winshare = { - path = "/media/crypt1/share"; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - }; - extraConfig = '' - guest account = smbguest - map to guest = bad user - # disable printing - load printers = no - printing = bsd - printcap name = /dev/null - disable spoolss = yes - ''; - }; - # copy config from to /var/lib/sabnzbd/ services.sabnzbd.enable = true; systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; diff --git a/makefu/2configs/nginx/omo-share.nix b/makefu/2configs/nginx/omo-share.nix deleted file mode 100644 index ce85e0442..000000000 --- a/makefu/2configs/nginx/omo-share.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - hostname = config.krebs.build.host.name; - # TODO local-ip from the nets config - local-ip = "192.168.1.11"; - # local-ip = head config.krebs.build.host.nets.retiolum.addrs4; -in { - krebs.nginx = { - enable = mkDefault true; - servers = { - omo-share = { - listen = [ "${local-ip}:80" ]; - locations = singleton (nameValuePair "/" '' - autoindex on; - root /media; - limit_rate_after 100m; - limit_rate 5m; - mp4_buffer_size 4M; - mp4_max_buffer_size 10M; - allow all; - access_log off; - keepalive_timeout 65; - keepalive_requests 200; - reset_timedout_connection on; - sendfile on; - tcp_nopush on; - gzip off; - ''); - }; - }; - }; -} diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix new file mode 100644 index 000000000..1e0975e1d --- /dev/null +++ b/makefu/2configs/omo-share.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + hostname = config.krebs.build.host.name; + # TODO local-ip from the nets config + local-ip = "192.168.1.11"; + # local-ip = head config.krebs.build.host.nets.retiolum.addrs4; +in { + krebs.nginx = { + enable = mkDefault true; + servers = { + omo-share = { + listen = [ "${local-ip}:80" ]; + locations = singleton (nameValuePair "/" '' + autoindex on; + root /media; + limit_rate_after 100m; + limit_rate 5m; + mp4_buffer_size 4M; + mp4_max_buffer_size 10M; + allow all; + access_log off; + keepalive_timeout 65; + keepalive_requests 200; + reset_timedout_connection on; + sendfile on; + tcp_nopush on; + gzip off; + ''); + }; + }; + }; + + # samba share /media/crypt1/share + users.users.smbguest = { + name = "smbguest"; + uid = config.ids.uids.smbguest; + description = "smb guest user"; + home = "/var/empty"; + }; + services.samba = { + enable = true; + shares = { + winshare = { + path = "/media/crypt1/share"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + usenet = { + path = "/media/crypt0/usenet/dst"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + }; + extraConfig = '' + guest account = smbguest + map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; +} -- cgit v1.2.3