Samba
Motivation
This guide will help you on how to use samba on nixos.
Samba Client
cifs mount
The following snippets shows how to mount a CIFS (Windows) share in NixOS.
Replace all <FIELDS>
with concrete values:
{
fileSystems."/mnt/share" = {
device = "//<IP_OR_HOST>/path/to/share";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
in ["${automount_opts},credentials=/etc/nixos/smb-secrets"];
};
}
Also create /etc/nixos/smb-secrets with the following content (domain=
can be optional)
username=<USERNAME>
domain=<DOMAIN>
password=<PASSWORD>
Samba Server
excerpt of /etc/nixos/configuration.nix
services.samba = {
enable = true;
securityType = "share";
extraConfig = ''
workgroup = WORKGROUP
server string = smbnix
netbios name = smbnix
security = share
#use sendfile = yes
#max protocol = smb2
hosts allow = 192.168.0 localhost
hosts deny = 0.0.0.0/0
guest account = nobody
map to guest = bad user
'';
shares = {
public = {
path = "/mnt/Shares/Public";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "username";
"force group" = "groupname";
};
private = {
path = "/mnt/Shares/Private";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "username";
"force group" = "groupname";
};
};
};
If your firewall is enabled, or if you consider enabling it:
networking.firewall.enable = true;
networking.firewall.allowPing = true;
networking.firewall.allowedTCPPorts = [ 445 139 ];
networking.firewall.allowedUDPPorts = [ 137 138 ];
samba should startup afterwards
stopping/restarting the services
# systemctl stop samba
# systemctl start samba
# systemctl restart samba
Use Cases
Apple Time Machine
nixpkgs includes Samba4.8-git, which adds support for using shares for Time Machine backups on macOS 10.12+. Example configuration:
services.samba = {
package = pkgs.sambaMaster;
shares = {
tm_share = {
path = "/mnt/Shares/tm_share";
"valid users" = "username";
public = "no";
writeable = "yes";
"force user" = "username";
"fruit:aapl" = "yes";
"fruit:time machine" = "yes";
"vfs objects" = "catia fruit streams_xattr";
};
};
}