diff options
author | Kjetil Orbekk <kj@orbekk.com> | 2023-12-26 18:36:08 -0500 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2023-12-26 18:36:08 -0500 |
commit | 747ba4653e24ad5c33a114b412871c86db9dd693 (patch) | |
tree | 27ff661e5f5568e3de165bf306a871431d9d7358 | |
parent | 3d521a6af07af8f8cd330b080d0f472abacf0bf9 (diff) |
samba
-rw-r--r-- | machines/dragon.nix | 3 | ||||
-rw-r--r-- | modules/router.nix | 5 | ||||
-rw-r--r-- | modules/users.nix | 3 |
3 files changed, 7 insertions, 4 deletions
diff --git a/machines/dragon.nix b/machines/dragon.nix index 13ecbbf..60c1f8b 100644 --- a/machines/dragon.nix +++ b/machines/dragon.nix @@ -41,6 +41,7 @@ in { services.samba = { enable = true; + securityType = "user"; extraConfig = '' workgroup = WORKGROUP server string = dragon @@ -58,7 +59,7 @@ in { "create mask" = "0666"; "directory mask" = "0777"; "force user" = "annie"; - "force group" = "users"; + "force group" = "readonly"; }; public = { path = "/storage/upload"; diff --git a/modules/router.nix b/modules/router.nix index ee95cf1..ace0b57 100644 --- a/modules/router.nix +++ b/modules/router.nix @@ -201,10 +201,9 @@ let ${toString mullvadPort} } define SERVER_LAN_PORTS = { - tftp, 139, 445, 137, 138, + tftp, 1080, # socks - wsdapi, # samba - ws-discovery, # discovery + 139, 445, 137, 138, wsdapi, ws-discovery, # samba } table inet filter { chain input { diff --git a/modules/users.nix b/modules/users.nix index 0b38c0a..58ad230 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -37,6 +37,9 @@ in { home = "/storage/annie"; uid = 1001; description = "Annie Poon"; + extraGroups = [ + "readonly" + ]; }; guest = { isNormalUser = true; |