pyrox.dev
Merge pull request #141861 from Enzime/add/samba-open-firewall
nixos/samba: Add `openFirewall` option
authored by
Robert Hensing
and committed by
GitHub
15390246
5193b0da
+13
-3
nixos/modules/services/network-filesystems/samba.nix
+13
-3
nixos/modules/services/network-filesystems/samba.nix
···
87
<note>
88
<para>If you use the firewall consider adding the following:</para>
89
<programlisting>
90
-
networking.firewall.allowedTCPPorts = [ 139 445 ];
91
-
networking.firewall.allowedUDPPorts = [ 137 138 ];
92
</programlisting>
93
</note>
94
'';
95
};
96
···
235
};
236
237
security.pam.services.samba = {};
238
-
environment.systemPackages = [ config.services.samba.package ];
239
})
240
];
241
···
87
<note>
88
<para>If you use the firewall consider adding the following:</para>
89
<programlisting>
90
+
services.samba.openFirewall = true;
91
</programlisting>
92
</note>
93
+
'';
94
+
};
95
+
96
+
openFirewall = mkOption {
97
+
type = types.bool;
98
+
default = false;
99
+
description = ''
100
+
Whether to automatically open the necessary ports in the firewall.
101
'';
102
};
103
···
242
};
243
244
security.pam.services.samba = {};
245
+
environment.systemPackages = [ cfg.package ];
246
+
247
+
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 139 445 ];
248
+
networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ 137 138 ];
249
})
250
];
251
+1
-2
nixos/tests/samba.nix
+1
-2
nixos/tests/samba.nix
···
20
server =
21
{ ... }:
22
{ services.samba.enable = true;
23
services.samba.shares.public =
24
{ path = "/public";
25
"read only" = true;
···
27
"guest ok" = "yes";
28
comment = "Public samba share.";
29
};
30
-
networking.firewall.allowedTCPPorts = [ 139 445 ];
31
-
networking.firewall.allowedUDPPorts = [ 137 138 ];
32
};
33
};
34