Samba

From NixOS Wiki
Revision as of 07:18, 27 February 2018 by imported>Makefu (split into client and server)

Motivation

This guide will help you on how to use samba on nixos.

Samba Client

cifs mount

The following snippets shows how to mount a CIFS (Windows) share in NixOS. Replace all <FIELDS> with concrete values:

{
  fileSystems."/mnt/share" = {
      device = "//<IP_OR_HOST>/path/to/share";
      fsType = "cifs";
      options = let
        # this line prevents hanging on network split
        automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";

      in ["${automount_opts},credentials=/etc/nixos/smb-secrets"];
  };
}

Also create /etc/nixos/smb-secrets with the following content (domain= can be optional)

username=<USERNAME>
domain=<DOMAIN>
password=<PASSWORD>

Samba Server

excerpt of /etc/nixos/configuration.nix

services.samba = {
  enable = true;
  securityType = "share";
  extraConfig = ''
    workgroup = WORKGROUP
    server string = smbnix
    netbios name = smbnix
    security = share 
    #use sendfile = yes
    #max protocol = smb2
    hosts allow = 192.168.0  localhost
    hosts deny = 0.0.0.0/0
    guest account = nobody
    map to guest = bad user
  '';
  shares = {
    public = {
      path = "/mnt/Shares/Public";
      browseable = "yes";
      "read only" = "no";
      "guest ok" = "yes";
      "create mask" = "0644";
      "directory mask" = "0755";
      "force user" = "username";
      "force group" = "groupname";
    };
    private = {
      path = "/mnt/Shares/Private";
      browseable = "yes";
      "read only" = "no";
      "guest ok" = "no";
      "create mask" = "0644";
      "directory mask" = "0755";
      "force user" = "username";
      "force group" = "groupname";
    };
  };
};

If your firewall is enabled, or if you consider enabling it:

networking.firewall.enable = true;
networking.firewall.allowPing = true;
networking.firewall.allowedTCPPorts = [ 445 139 ];
networking.firewall.allowedUDPPorts = [ 137 138 ];

samba should startup afterwards

stopping/restarting the services

# systemctl stop samba
# systemctl start samba
# systemctl restart samba

Use Cases

Apple Time Machine

nixpkgs includes Samba4.8-git, which adds support for using shares for Time Machine backups on macOS 10.12+. Example configuration:

services.samba = {
  package = pkgs.sambaMaster;
  shares = {
    tm_share = {
        path = "/mnt/Shares/tm_share";
        "valid users" = "username";
        public = "no";
        writeable = "yes";
        "force user" = "username";
        "fruit:aapl" = "yes";
        "fruit:time machine" = "yes";
        "vfs objects" = "catia fruit streams_xattr";
    };
  };
}


links