
@bitcloud
Created August 23, 2021 19:27
NAS ZFS Samba Config

/etc/samba/samba.conf

# NOTE: Whenever you modify this file you should run the command
# "testparm" to check that you have not made any basic syntactic 
# errors. 
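[global]
   # NetBIOS workgroup name announced by this server.
   workgroup = io-labs.de

   # One log file per connecting machine (%m); "max log size" is in KiB.
   log file = /var/log/samba/log.%m
   max log size = 1000
   logging = file

   # Run when an smbd process crashes; %d is the PID of that process.
   panic action = /usr/share/samba/panic-action %d

   server role = standalone server
   # Apply PAM account/session restrictions, and keep the Unix password in
   # step with the SMB password when a user changes it. "passwd program" is
   # run as root for that purpose.
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes

   # A login with an unknown user name is mapped to the guest account instead
   # of being rejected. Only shares that allow guests ([Public] in this file)
   # are reachable that way; a wrong password for an existing user still fails.
   map to guest = bad user

   # SMB1 clients are refused.
   min protocol = SMB2
   inherit permissions = yes
   ea support = yes
   vfs objects = catia fruit streams_xattr

   # MacOS settings
   fruit:model = MacMorla
   fruit:advertise_fullsync = true
   fruit:aapl = yes
   fruit:encoding = native
   fruit:veto_appledouble = no
   fruit:nfs_aces = yes
   fruit:wipe_intentionally_left_blank_rfork = yes
   fruit:delete_empty_adfiles = yes
   fruit:metadata = stream

   # Make share visible to Windows
   # Was "ntlm auth = yes", which is the same as "ntlmv1-permitted" and lets
   # clients authenticate with the weak NTLMv1/LM responses. Clients recent
   # enough to speak SMB2 (required above) also support NTLMv2, so only NTLMv2
   # is accepted here. Revert only if a specific legacy client needs NTLMv1.
   ntlm auth = ntlmv2-only
   # NetBIOS name service and browse-master election for the local subnet.
   wins support = yes
   local master = yes
   preferred master = yes

   # Allow symlinks
   # NOTE(review): "wide links = yes" makes smbd follow symlinks that point
   # outside the share root, so a link placed inside any share exposes its
   # target with the permissions of the connected user, including the guest
   # user on [Public]. Samba honours wide links only while unix extensions
   # are off, which is why "unix extensions = no" is set. If links only need
   # to resolve inside a share, "wide links = no" is sufficient.
   follow symlinks = yes
   wide links = yes
   unix extensions = no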

#======================= Share Definitions =======================
# Per-user Time Machine target. %U expands to the session user name, so each
# user gets a separate directory below /tank/time_machine.
[TimeMachine]
   path = /tank/time_machine/%U
   # Only members of the Unix group "backup" may connect.
   valid users = @backup
   writable = yes
   # Locking is kept inside smbd and not shared with the kernel; presumably
   # nothing but Samba accesses these directories (confirm before exporting
   # the same data over NFS or using it locally).
   kernel oplocks = no
   kernel share modes = no
   posix locking = no
   browseable = yes
   # Same meaning as "writable = yes" above (inverted synonym).
   read only = no
   inherit acls = yes
   # Announces the share as a Time Machine destination; needs the "fruit"
   # VFS module, which is loaded in [global].
   fruit:time machine = yes
   # Runs as root on every connection to this share, with the session user
   # name as its only argument.
   # NOTE(review): the script receives a client-influenced string while
   # running as root; it should validate that argument before using it in a
   # dataset name or path.
   root preexec = /etc/samba/scripts/create_user_time_machine.sh %U

# Per-user private share. %U expands to the session user name, so each user
# gets a separate directory below /tank/user.
[User]
   path = /tank/user/%U
   # Only members of the Unix group "shares" may connect.
   valid users = @shares
   writable = yes
   browseable = yes
   # Same meaning as "writable = yes" above (inverted synonym).
   read only = no
   # Runs as root on every connection to this share, with the session user
   # name as its only argument.
   # NOTE(review): the script receives a client-influenced string while
   # running as root; it should validate that argument before using it in a
   # dataset name or path.
   root preexec = /etc/samba/scripts/create_user_share.sh %U
   
# Share open to everyone on the network, without credentials.
[Public]
   path = /tank/public
   comment = Public
   available = yes
   # "public" is a synonym for "guest ok". Together with
   # "map to guest = bad user" in [global], any client that presents an
   # unknown user name is connected as the guest account.
   public = yes
   # NOTE(review): guests can also write and delete here. If anonymous upload
   # is not required, "read only = yes" plus a "write list" of named users
   # keeps the share public for reading only; "hosts allow" can limit which
   # networks reach it at all.
   # NOTE(review): [global] sets "wide links = yes", so a symlink inside
   # /tank/public that points elsewhere is followed for guests too.
   writable = yes
   # "browsable" is an accepted spelling of "browseable".
   browsable = yes

# 
# [homes]
#    comment = Home Directories
#    browseable = no
#    read only = no
# 
# # File creation mask is set to 0700 for security reasons. If you want to
# # create files with group=rw permissions, set next parameter to 0775.
#    create mask = 0700
# 
# # Directory creation mask is set to 0700 for security reasons. If you want to
# # create dirs. with group=rw permissions, set next parameter to 0775.
#    directory mask = 0700
# 
# # By default, \\server\username shares can be connected to by anyone
# # with access to the samba server.
# # The following parameter makes sure that only "username" can connect
# # to \\server\username
# # This might need tweaking when using external authentication schemes
#    valid users = %S
# 

/etc/avahi/services/timemachine.service

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<!--
  Avahi (mDNS/DNS-SD) announcement for the Samba server. These records are
  multicast on the local link, so every host on that network segment can
  discover the server, its model string and the Time Machine share name.
-->
<service-group>
 <!-- %h is replaced by the host name because replace-wildcards is "yes". -->
 <name replace-wildcards="yes">%h</name>
 <!-- SMB file service on the standard TCP port. -->
 <service>
   <type>_smb._tcp</type>
   <port>445</port>
 </service>
 <!-- Device description only (port 0); the model value is the same string
      as "fruit:model" in the Samba configuration shown on this page. -->
 <service>
   <type>_device-info._tcp</type>
   <port>0</port>
   <txt-record>model=MacMorla</txt-record>
 </service>
 <!-- Disk advertisement: adVN names the share ("TimeMachine", matching the
      [TimeMachine] section). The adVF/waMa flag values are presumably the
      ones macOS expects for an SMB Time Machine target; verify against the
      Samba/Apple documentation before changing them. -->
 <service>
   <type>_adisk._tcp</type>
   <txt-record>sys=waMa=0,adVF=0x100</txt-record>
   <txt-record>dk0=adVN=TimeMachine,adVF=0x82</txt-record>
 </service>
</service-group>

/etc/samba/scripts/create_user_share.sh

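#!/bin/bash
#
# Samba "root preexec" helper for the [User] share: prepares the per-user
# ZFS dataset below tank/user for the user name passed as $1.
#
# smbd runs this script as root and $1 comes from the SMB session (%U), so
# the name is validated before it is used in a dataset name or a path.

TM_BASE_FILESYSTEM="tank/user"
TM_GROUP="shares"
TM_USER="$1"

# Accept exactly one path component: letters, digits, "_", "." and "-", not
# starting with "." or "-". This rejects an empty name, "/" and ".." (path
# traversal), "@" (ZFS snapshot syntax), whitespace and option-like values.
# Extend the pattern if local account names use other characters.
if [[ ! "${TM_USER}" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]]; then
  printf '%s: refusing user name %q\n' "${0##*/}" "${TM_USER}" >&2
  # smbd ignores this status unless "root preexec close = yes" is set.
  exit 1
fi

TM_FILESYSTEM="${TM_BASE_FILESYSTEM}/${TM_USER}"
TM_BASE_PATH="/${TM_BASE_FILESYSTEM}"
TM_PATH="/${TM_FILESYSTEM}"

# Create the parent dataset on first use.
if [ ! -e "${TM_BASE_PATH}" ]; then
  zfs create "${TM_BASE_FILESYSTEM}"
fi

if [ ! -e "${TM_PATH}" ]; then
  # NOTE(review): the three commands below are prefixed with "echo", so they
  # are only printed and nothing is created, chowned or chmodded as written.
  # Drop the "echo" prefix to apply them.
  echo zfs create -o casesensitivity=mixed -o nbmand=on -o quota=1T -o xattr=sa -o dnodesize=auto "${TM_FILESYSTEM}"
  echo chown "${TM_USER}":"${TM_GROUP}" "${TM_PATH}"
  echo chmod -R 700 "${TM_PATH}"
fi

exit 0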

/etc/samba/scripts/create_user_time_machine.sh

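#!/bin/bash
#
# Samba "root preexec" helper for the [TimeMachine] share: prepares the
# per-user ZFS dataset below tank/time_machine for the user name passed as $1.
#
# smbd runs this script as root and $1 comes from the SMB session (%U), so
# the name is validated before it is used in a dataset name or a path.

TM_BASE_FILESYSTEM="tank/time_machine"
TM_GROUP="backup"
TM_USER="$1"

# Accept exactly one path component: letters, digits, "_", "." and "-", not
# starting with "." or "-". This rejects an empty name, "/" and ".." (path
# traversal), "@" (ZFS snapshot syntax), whitespace and option-like values.
# Extend the pattern if local account names use other characters.
if [[ ! "${TM_USER}" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]]; then
  printf '%s: refusing user name %q\n' "${0##*/}" "${TM_USER}" >&2
  # smbd ignores this status unless "root preexec close = yes" is set.
  exit 1
fi

TM_FILESYSTEM="${TM_BASE_FILESYSTEM}/${TM_USER}"
TM_BASE_PATH="/${TM_BASE_FILESYSTEM}"
TM_PATH="/${TM_FILESYSTEM}"

# Create the parent dataset on first use.
if [ ! -e "${TM_BASE_PATH}" ]; then
  zfs create "${TM_BASE_FILESYSTEM}"
fi

if [ ! -e "${TM_PATH}" ]; then
  # NOTE(review): the three commands below are prefixed with "echo", so they
  # are only printed and nothing is created, chowned or chmodded as written.
  # Drop the "echo" prefix to apply them.
  echo zfs create -o casesensitivity=mixed -o nbmand=on -o quota=1T -o xattr=sa -o dnodesize=auto "${TM_FILESYSTEM}"
  echo chown "${TM_USER}":"${TM_GROUP}" "${TM_PATH}"
  echo chmod -R 700 "${TM_PATH}"
fi

exit 0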