Add new samba share
This commit is contained in:
parent
815c2c295e
commit
7501b311f8
SSH Key Fingerprint:
SHA256:mf+pUTmK92Y57BuCjlkBdd82LqztTfDCQIUp0fCKABc
|
|
@ -7,12 +7,15 @@ _: {
|
|||
};
|
||||
in {
|
||||
min = shareUser;
|
||||
# other ppls
|
||||
u2-1 = shareUser;
|
||||
};
|
||||
groups."share" = {};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /terra/terrarium 0775 root share - -"
|
||||
"d /terra/lostlibrary 0775 root share - -"
|
||||
];
|
||||
|
||||
services.samba = {
|
||||
|
|
@ -22,20 +25,25 @@ _: {
|
|||
settings = {
|
||||
global = {
|
||||
"security" = "user";
|
||||
"browseable" = true;
|
||||
"smb encrypt" = "required";
|
||||
|
||||
"valid users" = "@share";
|
||||
};
|
||||
|
||||
terrarium = {
|
||||
"path" = "/terra/terrarium";
|
||||
"browseable" = true;
|
||||
"read only" = false;
|
||||
"guest ok" = false;
|
||||
"create mask" = "0664";
|
||||
"directory mask" = "0775";
|
||||
};
|
||||
|
||||
terrarium = {
|
||||
"path" = "/terra/terrarium";
|
||||
"read only" = false;
|
||||
"valid users" = "min";
|
||||
};
|
||||
|
||||
lostlibrary = {
|
||||
"path" = "/terra/lostlibrary";
|
||||
"read only" = false;
|
||||
"valid users" = "min u2-1";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ in {
|
|||
sops.secrets."svc-wireguard-key" = {};
|
||||
sops.secrets."svc-wireguard-psk-0-2" = {};
|
||||
sops.secrets."svc-wireguard-psk-1-1" = {};
|
||||
sops.secrets."svc-wireguard-psk-2-1" = {};
|
||||
|
||||
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
|
||||
|
||||
|
|
@ -50,6 +51,11 @@ in {
|
|||
allowedIPs = ["10.193.1.1/32"];
|
||||
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-1-1".path;
|
||||
}
|
||||
{
|
||||
publicKey = "E+cApvpWOfwehlwDxA8paR/fWZq8iozSofTSRA7dBx0=";
|
||||
allowedIPs = ["10.193.2.1/32"];
|
||||
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-2-1".path;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ svc-nebula-key: ENC[AES256_GCM,data:FV5KD4pMAXN1VBh93M3sDN5qb/B2SCGXKnfi+IMLcCKL
|
|||
svc-wireguard-key: ENC[AES256_GCM,data:dmxJ07UnQAtet4RtlVXEMFLVKxOU44XQcUW7h7UPbLG9chiQeXGkZkkTihs=,iv:bEA9+DYDBLo1dgrCSrIpa1ig9JJEtXeJF5ZmtdsAO3s=,tag:tyLB5Dd9uolalSzddC608A==,type:str]
|
||||
svc-wireguard-psk-0-2: ENC[AES256_GCM,data:0sTGYa3HUe70hYJZnPy9w0iG37aRDTplmdvGdc5C8KN8Dg5XbVc2CmVS1r4=,iv:9Dnr3BYhzKKOZ7S565HY4CkhgPv1JEd3Zk7662/cd9s=,tag:Dd0BLrIjfX0F2lBan59jUg==,type:str]
|
||||
svc-wireguard-psk-1-1: ENC[AES256_GCM,data:YbxjRleUWTr1+rZyzZ+5vB9Po/V0T1mYhH+H8igjascGV/Oo4lPn1xoYqLg=,iv:+fcWdpRqR7GU5UXug+6GCX9Be5DoE944T5PIm0csgEU=,tag:3mGEL3KYjfSJ9uM+i6Wirg==,type:str]
|
||||
svc-wireguard-psk-2-1: ENC[AES256_GCM,data:+80iLdsHE0rtM1rVb4xUfzOwpMSOqgxtuKWg4d7Kj7kDuvrCrHPX83NruNo=,iv:HDfGq2o41qTyUU3PwfUvJJcb88JIcbW3yrfqRY8lBxY=,tag:+jWwRf5vqSriCOKdOu3Qag==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1yubikey1qg5k0y844v5e79uwax3r00u7zdljwnjlrmwvdr3st9m5a3ra5098qy0sjdj
|
||||
|
|
@ -31,7 +32,7 @@ sops:
|
|||
MXdERWkyRitkbWtHMnpQaGxhbTRma2cK75S4x9TdquXAV00m9EQ1vJno14YTmPD4
|
||||
K8ne37brRWWi3gW6JsaOQOshNE19u4uwkAXZ2IQ+NdAq7Kt/qrcU8w==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-05-10T00:53:55Z"
|
||||
mac: ENC[AES256_GCM,data:KOs621LpjHZCoMhcTv1r5XQn3wGv18HSBIuGOsgqx8V9SZQE8a5mFKqPHw7eVRhD0sXa0tZrsdRGyjuYBrQ/W1Ay5iiehg00RICfthx9ON0sAxam8nJpUAV5fnmW57yj3OQfNQWgivsRy18bTUMUZ2WxNTGTk7iUW1oLuKXZW6Y=,iv:BYonX1N3Rdg8FNtkRmd+kGNhg/j9kN5fyG7NQRz4V+U=,tag:8Lc/Ql5Azl4el0ZvHm7Zag==,type:str]
|
||||
lastmodified: "2025-05-10T21:20:57Z"
|
||||
mac: ENC[AES256_GCM,data:DW6JeUzmMBOTvf6ryn943ZzbQ8785cPERuCALUdd9AS+SfbXwSOrHB8O+P8CFOFhgEyQZAxTX3s/Zgf7kXrNkZw42GOebdHIK/GN4ZVcY//RJ9muuYPrnniBe158vGzqBtq73tZRKIyp725hhfEc+vISsQ4c6023dPpToFQQH6w=,iv:himdgdJFnQVyowYcqiJcWd44XIWI3ToPeVV2tXfFhGg=,tag:8gO8KJk88sCp0lj+kPlOGg==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.2
|
||||
|
|
|
|||
Loading…
Reference in New Issue