eliribble
/
nixos-systems
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: eliribble:b31ab6e7caf625675afbc3631a98fb442cffde3c
Branches Tags
eliribble:main
...
compare: eliribble:7970d9f911ad3af93a25dc359a148da3c12af553
Branches Tags
eliribble:main

3 Commits
b31ab6e7ca ... 7970d9f911

Author SHA1 Message Date
Eli Ribble 7970d9f911 Allow pings to ensure the home is up. 
Just convenient, not that unsafe.
 2024-07-31 17:06:25 +00:00
Eli Ribble 4dd10a99a1 Add resolution for this server to itself. 
Within my home networks home.arpa resolves to DNS for the home domain.
From there the pihole service will provide DNS for all the connected
clients and custom service names.
 2024-07-31 17:05:26 +00:00
Eli Ribble 6763a973a0 Add basic Samba config for the scanner 
This allows the scanner to log into samba with its own username and
password.
 2024-07-31 17:04:56 +00:00
1 changed files with 50 additions and 1 deletions
Show Stats Expand all files Collapse all files

51
quinn/etc/nixos/configuration.nix
View File

@ -58,6 +58,7 @@
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true; # services.libinput.enable = true;
users.groups.scanner = {};
users.groups.step = {}; users.groups.step = {};
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
@ -70,6 +71,12 @@
# tree # tree
# ]; # ];
}; };
users.users.scanner = {
group = "scanner";
isNormalUser = false;
isSystemUser = true;
description = "User for the scanner to log in to samba";
};
users.users.step = { users.users.step = {
group = "step"; group = "step";
isNormalUser = false; isNormalUser = false;
@ -173,16 +180,58 @@
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh.enable = true;
# Set up a samba share for the scanner
services.samba = {
enable = true;
openFirewall = true;
extraConfig = ''
workgroup = WORKGROUP
server string smbnix
netbios name = smbnix
security = user
guest account = nobody
map to guest = bad user
'';
shares = {
public = {
path = "/mnt/shares/public";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "username";
"force group" = "groupname";
};
private = {
path = "/mnt/shares/private";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "username";
"force group" = "groupname";
};
};
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
# Enable Tailscale # Enable Tailscale
services.tailscale.enable = true; services.tailscale.enable = true;
# Enable the Unifi controller service # Enable the Unifi controller service
#services.unifi.enable = true; #services.unifi.enable = true;
#services.unifi.unifiPackage = pkgs.unifi8; #services.unifi.unifiPackage = pkgs.unifi8;
networking.extraHosts = ''
127.0.0.1 home.arpa
'';
# Open ports in the firewall. # Open ports in the firewall.
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowPing = true;
allowedTCPPorts = [ 80 443 ]; allowedTCPPorts = [ 80 443 ];
allowedUDPPortRanges = [ allowedUDPPortRanges = [
#{ from = 4000; to = 4007; } #{ from = 4000; to = 4007; }