From a4fefb72516d2b98fa09bc6cf8898478151d84f5 Mon Sep 17 00:00:00 2001
From: Emery Hemingway <ehmry@posteo.net>
Date: Sun, 26 Jan 2020 18:40:18 +0100
Subject: [PATCH] Move samba to server7

---
 host-registry.nix                          |  1 +
 hosts/server7/containers/samba/default.nix | 41 ++++++++++++++++++++++
 hosts/storage-ng/configuration.nix         | 28 ---------------
 3 files changed, 42 insertions(+), 28 deletions(-)
 create mode 100644 hosts/server7/containers/samba/default.nix

diff --git a/host-registry.nix b/host-registry.nix
index ce95725f..e717aadf 100644
--- a/host-registry.nix
+++ b/host-registry.nix
@@ -17,6 +17,7 @@ rec {
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGzWhy2T7avsFf+ZS8R99kah2wPQs7MYWUP+t4VBi28a";
     pulsebert.publicKey =
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAnEWn/8CKIiCtehh6Ha3XUQqjODj0ygyo3aGAsFWgfG";
+    samba = { };
     storage-ng.publicKey =
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMeg5ojU7U8+Lx824y+brazVJ007mEJDM7C7aUruOWGP";
 
diff --git a/hosts/server7/containers/samba/default.nix b/hosts/server7/containers/samba/default.nix
new file mode 100644
index 00000000..071bc524
--- /dev/null
+++ b/hosts/server7/containers/samba/default.nix
@@ -0,0 +1,41 @@
+name:
+
+(import ../outer-defaults.nix name) // {
+
+  bindMounts."/srv/c3d2" = {
+    hostPath = "/srv/ceph/c3d2";
+    isReadOnly = true;
+  };
+
+  config = { config, pkgs, lib, ... }: {
+    imports = [ ../inner-defaults.nix ];
+
+    c3d2.hq.statistics.enable = true;
+
+    services.samba = {
+      enable = true;
+      enableNmbd = true;
+      extraConfig = ''
+        workgroup = WORKGROUP
+        server string = storage
+        netbios name = storage
+        hosts allow = 172.20 172.22 172.22.99.146
+        hosts deny = 0.0.0.0/0
+        map to guest = Bad user
+      '';
+      shares = {
+        c3d2 = {
+          path = "/srv/c3d2";
+          browseable = "yes";
+          "read only" = "no";
+          "guest ok" = "yes";
+          "create mask" = "0644";
+          "directory mask" = "0755";
+        };
+      };
+    };
+
+    networking.firewall.enable = false;
+  };
+
+}
diff --git a/hosts/storage-ng/configuration.nix b/hosts/storage-ng/configuration.nix
index 38a5541d..b34e6de4 100644
--- a/hosts/storage-ng/configuration.nix
+++ b/hosts/storage-ng/configuration.nix
@@ -133,42 +133,14 @@ in {
     };
   };
 
-  services.samba = {
-    enable = false; # samba is garbage
-    enableNmbd = true;
-    extraConfig = ''
-      workgroup = WORKGROUP
-      server string = storage
-      netbios name = storage
-      hosts allow = 172.20 172.22 172.22.99.146
-      hosts deny = 0.0.0.0/0
-      guest account = k-ot
-      map to guest = Bad user
-    '';
-    shares = {
-      c3d2 = {
-        path = "/mnt/cephfs/c3d2";
-        browseable = "yes";
-        "read only" = "no";
-        "guest ok" = "yes";
-        "create mask" = "0644";
-        "directory mask" = "0755";
-        "force user" = "k-ot";
-        "force group" = "k-ot";
-      };
-    };
-  };
-
   /* # Open ports in the firewall.
      networking.firewall.allowedTCPPorts = [
        23
        80
        443
-       137 138 445 139 # samba
       ];
      networking.firewall.allowedUDPPorts = [
        69
-       137 138 445 139 # samba
       ];
   */