provision.fs.samba.client.enable
Whether to enable enable samba client.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.client.default
default options to add to mounts.<name>
Type: raw value
Default:
{ }
Example:
{
automount = true;
extraOptions = [
"ro"
"diratime"
];
noauto = true;
}
Declared by:
provision.fs.samba.client.localBase
default base directory for all samba mounts
Type: string
Default:
"/mnt/remote"
Declared by:
provision.fs.samba.client.mounts
Samba mount network shares to mount via CIFS.
This module generates an entry in fileSystems for each mount defined here.
Configuration options are provided to aid:
- mounting remote share with specific local user/group (uid/gid)
- mount ordering (after/before/requires/requiredBy) of related systemd services
- samba credential file location (
credentials=compatible file path) - samba password file location (generated a
credentialscompatible file path containingpassword=<password-file>)
Type: attribute set of (samba mount submodule)
Default:
{ }
Example:
{
media = {
force = {
group = "media";
user = "media";
};
hosts = {
allow = [
"10.40.10."
"192.168.0.71"
"localhost"
];
deny = [
"0.0.0.0/0"
];
};
path = "/pool/media";
valid = {
users = [
"smb-media"
"myuser"
];
};
};
}
Declared by:
provision.fs.samba.client.mounts.<name>.enable
Whether to enable enable ‹name› samba mount.
Type: boolean
Default:
true
Example:
true
Declared by:
provision.fs.samba.client.mounts.<name>.after
systemd services to add to after with x-systemd.after
Type: list of string
Default:
[ ]
Example:
[
"systemd-nspawn@media.service"
"zfs-import-pool.service"
]
Declared by:
provision.fs.samba.client.mounts.<name>.automount
Whether to enable enable automount via x-systemd.automount.
Type: boolean
Default:
true
Example:
true
Declared by:
provision.fs.samba.client.mounts.<name>.before
systemd services to add to before with x-systemd.before
Type: list of string
Default:
[ ]
Example:
[
"systemd-nspawn@media.service"
"zfs-import-pool.service"
]
Declared by:
provision.fs.samba.client.mounts.<name>.credentialsFile
(optional) file containing samba credentials, expected to be useable by mount option credentials containing:
username=myuser
password=mypass
domain=mydomain
Type: null or absolute path
Default:
null
Example:
"/root/my-samba-credentials"
Declared by:
provision.fs.samba.client.mounts.<name>.device
final device string, is a valid CIFS path
Type: string
Default:
"///‹name›"
Example:
"//192.168.0.1/media"
Declared by:
provision.fs.samba.client.mounts.<name>.extraOptions
extra mount options to add to {options}
Type: list of string
Default:
[ ]
Example:
[
"ro"
"x-systemd.idle-timeout=60"
]
Declared by:
provision.fs.samba.client.mounts.<name>.gid
local gid to map ownership to, can be a group or gid
Type: null or string
Default:
null
Declared by:
provision.fs.samba.client.mounts.<name>.hostPath
local host mount path
Type: string
Default:
"/mnt/remote/‹name›"
Declared by:
provision.fs.samba.client.mounts.<name>.networkOnlineService
unit to automatically add an after+requires, set to null to disable
Type: null or string
Default:
"systemd-networkd-wait-online.service"
Declared by:
provision.fs.samba.client.mounts.<name>.noatime
Whether to enable adds noatime mount option, Do not update inode access times on this filesystem.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.client.mounts.<name>.noauto
Whether to enable adds noauto mount option, mount unit will not be added to local-fs.target or remote-fs.target (no affect when {automount} is used).
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.client.mounts.<name>.options
final mount options to add to mountpoint (equivalent to -o mount options)
this is generated according to other config set within the share submodule and {extraOptions}
you normally should not need to edit this
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.client.mounts.<name>.passwordFile
(optional) file containing samba password, a credentials file containing the password is generated as an activation script
used instead of {credentials} options when you want to use only a single password as the contents of the file rather than a
file compatible with the credentials mount option.
Type: null or absolute path
Default:
null
Example:
"/root/my-samba-password"
Declared by:
provision.fs.samba.client.mounts.<name>.remoteUrl
samba server ip / fqdn / hostname
Type: string
Default:
""
Declared by:
provision.fs.samba.client.mounts.<name>.requiredBy
systemd services to add to requiredBy + before with x-systemd.requiredBy and x-systemd.before
Type: list of string
Default:
[ ]
Example:
[
"systemd-nspawn@media.service"
"zfs-import-pool.service"
]
Declared by:
provision.fs.samba.client.mounts.<name>.requires
systemd services to add to requires + after with x-systemd.requires and x-systemd.after
Type: list of string
Default:
[ ]
Example:
[
"systemd-nspawn@media.service"
"zfs-import-pool.service"
]
Declared by:
provision.fs.samba.client.mounts.<name>.sambaVersion
samba version to use
Type: null or string
Default:
null
Example:
"3.1"
Declared by:
provision.fs.samba.client.mounts.<name>.share
share name
Type: string
Default:
"‹name›"
Declared by:
provision.fs.samba.client.mounts.<name>.timeouts.device
how long systemd should wait for a device to show up before giving up, specify a time in seconds or append s, min, h etc.
Type: null or string or signed integer
Default:
null
Declared by:
provision.fs.samba.client.mounts.<name>.timeouts.idle
idle timeout for automount unit, see TimeoutIdleSec in systemd.automount, specify a time in seconds or append s, min, h etc.
Type: null or string or signed integer
Default:
null
Declared by:
provision.fs.samba.client.mounts.<name>.timeouts.mount
how long systemd should wait for the mount command to finish up before giving up, specify a time in seconds or append s, min, h etc.
Type: null or string or signed integer
Default:
null
Declared by:
provision.fs.samba.client.mounts.<name>.uid
local uid to map ownership to, can be a username or uid
Type: null or string
Default:
null
Declared by:
provision.fs.samba.client.mounts.<name>.user
remote samba user to login as, if not set a guest mount is assumed
Type: null or string
Default:
null
Declared by:
provision.fs.samba.client.remoteUrl
default remote server url / domain
Type: string
Default:
""
Declared by:
provision.fs.samba.client.sambaVersion
default samba version to mount with (optional)
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.enable
Whether to enable enable samba exports wrapper.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.default.opts
default share options
Type: submodule
Default:
{ }
Example:
{
browseable = true;
}
Declared by:
provision.fs.samba.server.default.opts.browseable
Whether to enable whether directory is browseable, browseable.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.default.opts.create.mask
mask when creating files, corresponds to create mask
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.default.opts.directory.mask
mask when creating directories, corresponds to directory mask
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.default.opts.force.group
force group permissions to specified group, corresponds to force group
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.default.opts.force.user
force user permissions to specified user, corresponds to force user
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.default.opts.guest.ok
Whether to enable enable guest access, guests ok.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.default.opts.hosts.allow
list of hosts to allow, corresponds to hosts allow
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.default.opts.hosts.deny
list of hosts to deny, corresponds to hosts deny
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.default.opts.read.only
Whether to enable set as read only, read only.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.default.opts.valid.users
list of valid users, corresponds to valid users
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.firewall.enable
Whether to enable enable firewall rules for samba.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.firewall.interfaces
allowed interfaces added to networking.firewall.interfaces.<interface>
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.firewall.legacy
Whether to enable use networking.firewall.interfaces rules instead of networking.nftables.gen.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.firewall.sourceIPs
saddr IP addresses or ranges allowed access to NFS ports`
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.global
global settings for share
Type: JSON value
Default:
{ }
Example:
{
"guest account" = "nobody";
"map to guest" = "bad user";
"netbios name" = "smbnix";
security = "user";
"server string" = "smbnix";
workgroup = "WORKGROUP";
}
Declared by:
provision.fs.samba.server.interfaces
interfaces to bind samba daemon to
Type: attribute set of (submodule)
Default:
{ }
Declared by:
provision.fs.samba.server.interfaces.<name>.name
interface name
Type: string
Default:
"‹name›"
Declared by:
provision.fs.samba.server.interfaces.<name>.subnet
subnet/interface to bind samba to, by default samba wont bind to wireguard interfaces, can also be used to limit binding
Type: string
Default:
""
Declared by:
provision.fs.samba.server.logging.enable
Whether to enable enable logging globally.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.logging.level
log level to set globally
Type: string
Default:
"1"
Declared by:
provision.fs.samba.server.settings
extra settings to merge with auto-generated settings, they take precedence in config merging
Type: JSON value
Default:
{ }
Example:
{
global = {
workgroup = "WORKGROUP";
};
}
Declared by:
provision.fs.samba.server.shares
Export paths to enable
Type: attribute set of (submodule)
Default:
{ }
Declared by:
provision.fs.samba.server.shares.<name>.enable
Whether to enable enable exporting share path.
Type: boolean
Default:
true
Example:
true
Declared by:
provision.fs.samba.server.shares.<name>.browseable
Whether to enable whether directory is browseable, browseable.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.shares.<name>.create.mask
mask when creating files, corresponds to create mask
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.shares.<name>.directory.mask
mask when creating directories, corresponds to directory mask
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.shares.<name>.force.group
force group permissions to specified group, corresponds to force group
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.shares.<name>.force.user
force user permissions to specified user, corresponds to force user
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.shares.<name>.guest.ok
Whether to enable enable guest access, guests ok.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.shares.<name>.hosts.allow
list of hosts to allow, corresponds to hosts allow
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.shares.<name>.hosts.deny
list of hosts to deny, corresponds to hosts deny
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.shares.<name>.name
share name
Type: string
Default:
"‹name›"
Example:
"media"
Declared by:
provision.fs.samba.server.shares.<name>.path
host path of export
Type: absolute path
Default:
"/‹name›"
Example:
"/media"
Declared by:
provision.fs.samba.server.shares.<name>.read.only
Whether to enable set as read only, read only.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.shares.<name>.settings
end settings for share
Type: JSON value
Default:
{ }
Example:
{
browseable = true;
}
Declared by:
provision.fs.samba.server.shares.<name>.valid.users
list of valid users, corresponds to valid users
Type: list of string
Default:
[ ]
Declared by:
provision.fs.samba.server.users
Samba users to provision
Type: attribute set of (submodule)
Default:
{ }
Declared by:
provision.fs.samba.server.users.<name>.enable
Whether to enable enable provisioning samba user.
Type: boolean
Default:
true
Example:
true
Declared by:
provision.fs.samba.server.users.<name>.configureUser
Whether to enable whether to configure user in users.users.<name>.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.users.<name>.description
description of user in users.users
Type: string
Default:
"Auto-generated SAMBA user from provision-nix"
Declared by:
provision.fs.samba.server.users.<name>.extraUserConfig
extra configuration to add to users.users.<name>
Type: JSON value
Default:
{ }
Declared by:
provision.fs.samba.server.users.<name>.group.name
user name
Type: null or string
Default:
null
Example:
"media"
Declared by:
provision.fs.samba.server.users.<name>.name
user name
Type: string
Default:
"‹name›"
Example:
"media"
Declared by:
provision.fs.samba.server.users.<name>.provisionSamba
Whether to enable provision samba user password from saved hashedPasswordFile.
Type: boolean
Default:
false
Example:
true
Declared by:
provision.fs.samba.server.users.<name>.sambaPasswordFile
sambaPasswordFile of user, contains the user password for samba, added as samba password when {provisionSamba} is true
Type: null or string
Default:
null
Declared by:
provision.fs.samba.server.users.<name>.uid
uid to set for user (optional)
Type: null or signed integer
Default:
null
Example:
1001
Declared by: