steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: steveej:4123104552ef1a23f4ffec59260cfb9df39938bf
Branches Tags
steveej:master
steveej:WIP-router0-nfmnk-tunnels
steveej:wip
steveej:wip-bpir3
steveej:pr_htz0
steveej:evolution_decsync
steveej:t14_relabel
steveej:t14_new_drive
steveej:srv0_drivechange
steveej:staging-steveej
steveej:pa600-unused
steveej:pr/odroidh2p-0
...
compare: steveej:f59930c49edcc293d348eeb15a88d6014155c0e2
Branches Tags
steveej:master
steveej:WIP-router0-nfmnk-tunnels
steveej:wip
steveej:wip-bpir3
steveej:pr_htz0
steveej:evolution_decsync
steveej:t14_relabel
steveej:t14_new_drive
steveej:srv0_drivechange
steveej:staging-steveej
steveej:pa600-unused
steveej:pr/odroidh2p-0

2 commits
4123104552 ... f59930c49e

Author SHA1 Message Date
Stefan Junker
f59930c49e feat(syncthing): expose scan folder via samba 2025-05-14 10:46:20 +02:00
Stefan Junker
be974b10e4 nix/os/devices/sj-srv1: bump versions 2025-05-13 16:02:32 +02:00
2 changed files with 66 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

54
nix/os/containers/syncthing.nix
View file

@ -5,6 +5,7 @@
localAddress, localAddress,
syncthingPort ? 22000, syncthingPort ? 22000,
syncthingLocalAnnouncePort ? 21027, syncthingLocalAnnouncePort ? 21027,
smbTcpPort ? 445,
autoStart ? false, autoStart ? false,
}: }:
{ {
@ -26,6 +27,54 @@
openDefaultPorts = true; openDefaultPorts = true;
guiAddress = "0.0.0.0:8384"; guiAddress = "0.0.0.0:8384";
}; };
services.samba = {
enable = true;
securityType = "user";
openFirewall = true;
settings = {
global = {
"workgroup" = "DMZ";
"server string" = "syncthing";
"netbios name" = "syncthing";
"security" = "user";
#"use sendfile" = "yes";
#"max protocol" = "smb2";
# note: localhost is the ipv6 localhost ::1
"hosts allow" = "192.168.23. 127.0.0.1 localhost";
"hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
};
"scan-stefan" = {
"path" = "/var/lib/syncthing/Sync/Home::Scan::Stefan";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "syncthing";
"force group" = "syncthing";
};
"scan-justyna" = {
"path" = "/var/lib/syncthing/Sync/Home::Scan::Justyna";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "syncthing";
"force group" = "syncthing";
};
};
};
# TODO: find out if smbpasswd file is still used and set it here. or find an alternative
# sops.secrets.smbpasswd = {
# };
# environment.etc."samba/smbpasswd".source = config.sops.secrets.smbpasswd.text;
}; };
inherit autoStart; inherit autoStart;
@ -54,6 +103,11 @@
hostPort = syncthingLocalAnnouncePort; hostPort = syncthingLocalAnnouncePort;
protocol = "udp"; protocol = "udp";
} }
{
containerPort = 445;
hostPort = smbTcpPort;
protocol = "tcp";
}
]; ];
inherit hostBridge hostAddress localAddress; inherit hostBridge hostAddress localAddress;

24
nix/os/devices/sj-srv1/flake.lock generated
View file

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1742655702, "lastModified": 1747020534,
"narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", "narHash": "sha256-D/6rkiC6w2p+4SwRiVKrWIeYzun8FBg7NlMKMwQMxO0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", "rev": "b4bbdc6fde16fc2051fcde232f6e288cd22007ca",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,11 +23,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1742937945, "lastModified": 1746957726,
"narHash": "sha256-lWc+79eZRyvHp/SqMhHTMzZVhpxkRvthsP1Qx6UCq0E=", "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d02d88f8de5b882ccdde0465d8fa2db3aa1169f7", "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -55,11 +55,11 @@
}, },
"nixpkgs-master": { "nixpkgs-master": {
"locked": { "locked": {
"lastModified": 1743256265, "lastModified": 1747142919,
"narHash": "sha256-1GJtabBAEwSkwKgSBe+osLCYwcRr5zx5H7ipuoVkO/4=", "narHash": "sha256-84jJ5uDXws7EYch+4fxmfoCCTWRWZCXCCVM0Dh65ZH8=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5dab1e63b3efccf767a54b0b978b41fe7410aff0", "rev": "60bdd7db9e890967224c2244be45beecd7d6e448",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -71,11 +71,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1743210622, "lastModified": 1747114929,
"narHash": "sha256-AagCXne3DGJARB7kxCjcBgJddT/J2CC7SSe7I6kFqso=", "narHash": "sha256-GnQGiZiOnGfxM9oVhgqOJk0Qv1aZ11p5Aloac2tdoKY=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "800863744b6d0ef3c748a094a15e7f9d361f62fb", "rev": "fab95ba4b9523f310644e6e6087c0014535c8e02",
"type": "github" "type": "github"
}, },
"original": { "original": {