From 136000540b86216a1fcd126a8bc0bc2eb18a8709 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= <kmein@posteo.de>
Date: Tue, 5 Nov 2024 09:09:45 +0100
Subject: [PATCH] zaatar: add nas share

---
 systems/zaatar/configuration.nix          |  1 +
 systems/zaatar/hardware-configuration.nix |  1 +
 systems/zaatar/nas.nix                    | 64 +++++++++++++++++++++++
 3 files changed, 66 insertions(+)
 create mode 100644 systems/zaatar/nas.nix

diff --git a/systems/zaatar/configuration.nix b/systems/zaatar/configuration.nix
index d62761e..2590f0f 100644
--- a/systems/zaatar/configuration.nix
+++ b/systems/zaatar/configuration.nix
@@ -11,6 +11,7 @@ in {
     ./backup.nix
     ./gaslight.nix
     ./hardware-configuration.nix
+    ./nas.nix
     ./home-assistant.nix
     ../../configs/monitoring.nix
     ../../configs/retiolum.nix
diff --git a/systems/zaatar/hardware-configuration.nix b/systems/zaatar/hardware-configuration.nix
index 4cb0be8..c37bd82 100644
--- a/systems/zaatar/hardware-configuration.nix
+++ b/systems/zaatar/hardware-configuration.nix
@@ -11,6 +11,7 @@
     initrd.availableKernelModules = ["ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" "rtsx_usb_sdmmc"];
     kernelModules = ["kvm-intel"];
     extraModulePackages = [];
+    supportedFilesystems = ["ntfs"];
     loader = {
       systemd-boot = {
         enable = true;
diff --git a/systems/zaatar/nas.nix b/systems/zaatar/nas.nix
new file mode 100644
index 0000000..21f2e71
--- /dev/null
+++ b/systems/zaatar/nas.nix
@@ -0,0 +1,64 @@
+{ config, ... }:
+{
+  users.extraUsers.nas = {
+    isSystemUser = true;
+    group = "nas";
+    uid = 7451;
+  };
+  users.extraGroups.nas = {
+    gid = 7452;
+  };
+
+  fileSystems."/nas" = {
+    device = "/dev/disk/by-id/0x50014ee658872039-part1";
+    fsType = "ntfs";
+    options = [ # ref https://askubuntu.com/a/113746
+      "defaults"
+      "nls=utf8"
+      "umask=000"
+      "dmask=027"
+      "fmask=137"
+      "uid=${toString config.users.extraUsers.nas.uid}"
+      "gid=${toString config.users.extraGroups.nas.gid}"
+      "windows_names"
+    ];
+  };
+
+  # ref https://dataswamp.org/~solene/2020-10-18-nixos-nas.html
+  # ref https://www.reddit.com/r/NixOS/comments/relwsh/comment/hoapgrr/
+  services.samba = {
+    enable = true;
+    securityType = "user";
+    openFirewall = true;
+    extraConfig = ''
+      workgroup = WORKGROUP
+      server string = zaatar
+      server role = standalone server
+      netbios name = zaatar
+      security = user
+      hosts allow = 192.168.178. 127.0.0.1 localhost
+      hosts deny = 0.0.0.0/0
+      guest account = nobody
+      map to guest = Bad User
+    '';
+    shares.nas = {
+      path = "/nas";
+      browseable = "yes";
+      writable = "yes";
+      # "read only" = "no";
+      "guest ok" = "yes";
+      "create mask" = "0644";
+      "directory mask" = "0755";
+      "force user" = config.users.extraUsers.nas.name;
+      "force group" = config.users.extraUsers.nas.group;
+    };
+  };
+
+  services.samba-wsdd = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  networking.firewall.enable = true;
+  networking.firewall.allowPing = true;
+}