Hi there.
I have never set Samba, so, sorry in advance for stupids questions…
Here my config.nix (Samba config at the bottom):
{ config, pkgs, ... }:
#let
# nix-software-center = (import (pkgs.fetchFromGitHub {
# owner = "vlinkz";
# repo = "nix-software-center";
# rev = "0.1.2";
# sha256 = "xiqF1mP8wFubdsAQ1BmfjzCgOD3YZf7EGWl9i69FTls=";
# })) {};
#in
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./nvidia.nix
./laptop.nix
];
# Bootloader
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Enable ntfs and EXT4 partitions
boot.supportedFilesystems = [ "ntfs" "ext4" ];
# Nix store optimisation
nix.optimise.automatic = true;
nix.optimise.dates = [ "03:45" ];
# Bluetooth for Xbox One pad
hardware.xpadneo.enable = true;
# Partition automounting
services.devmon.enable = true;
services.gvfs.enable = true;
services.udisks2.enable = true;
# Joycon
services.joycond.enable = true;
# Enable adb
programs.adb.enable = true;
# Add udev rules
services.udev.packages = [
pkgs.android-udev-rules
];
# Data partition
fileSystems."/mnt/Donnees" =
{ device = "/dev/disk/by-uuid/fe70ca5a-36e1-4555-bdc0-6eb31b0f015c";
fsType = "ext4";
options = ["rw"];
};
# Game partition
fileSystems."/mnt/Jeux" =
{ device = "/dev/disk/by-uuid/01c3e298-9211-4ea8-afe0-bd206b8a9a72";
fsType = "ext4";
options = ["rw"];
};
networking.hostName = "nixos"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Europe/Paris";
# Select internationalisation properties.
i18n.defaultLocale = "fr_FR.utf8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "fr_FR.UTF-8";
LC_IDENTIFICATION = "fr_FR.UTF-8";
LC_MEASUREMENT = "fr_FR.UTF-8";
LC_MONETARY = "fr_FR.UTF-8";
LC_NAME = "fr_FR.UTF-8";
LC_NUMERIC = "fr_FR.UTF-8";
LC_PAPER = "fr_FR.UTF-8";
LC_TELEPHONE = "fr_FR.UTF-8";
LC_TIME = "fr_FR.UTF-8";
};
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Enable the PLASMA Desktop Environment.
# services.displayManager.sddm.wayland.enable = true;
# services.desktopManager.plasma6.enable = true;
# services.displayManager.defaultSession = "plasma";
# hardware.bluetooth.enable = true; # enables support for Bluetooth
# hardware.bluetooth.powerOnBoot = true; # powers up the default Bluetooth controller on boot
# Enable the hyprland
# programs.hyprland.enable = true;
# Configure keymap in X11
services.xserver = {
xkb.layout = "fr";
xkb.variant = "";
};
# Configure console keymap
console.keyMap = "fr";
# Enable CUPS to print documents.
services.printing.enable = true;
services.avahi.enable = true;
services.avahi.nssmdns4 = true;
# for a WiFi printer
services.avahi.openFirewall = true;
# Enable scanner
services.saned.enable = true;
hardware.sane.enable = true;
hardware.sane.openFirewall = true;
services.ipp-usb.enable = true;
hardware.sane.extraBackends = [ pkgs.sane-airscan ];
# Enable sound with pipewire.
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Define a user account. Don't forget to set a password with ‘passwd’.
users.users.eyome = {
isNormalUser = true;
description = "eyome";
extraGroups = [ "networkmanager" "wheel" "scanners" "lp" "adbusers" ];
packages = with pkgs; [
firefox
fuse
gnomeExtensions.just-perfection
gnomeExtensions.valent
gnome-boxes
gnome-software
gnome-tweaks
gvfs
joycond
libreoffice-fresh
# mousai
neofetch
nix-diff
nixos-option
# nix-software-center
noto-fonts-emoji
ntfs3g
ocs-url
rustdesk-flutter
samba
sane-airscan
scrcpy
steam
ungoogled-chromium
ventoy-full
widevine-cdm
];
};
# Enabled Gsconnect
programs.kdeconnect = {
enable = true;
package = pkgs.valent;
};
# WideVine
# environment.systemPackages = with pkgs; [
# (chromium.override { enableWideVine = true; })
# ];
# nixpkgs.config.ungoogled-chromium = {
# proprietaryCodecs = true;
# enableWidevine = true;
# };
# Flatpak
services.flatpak.enable = true;
# Fwupd
services.fwupd.enable = true;
# Gnome paquets exlusion
environment.gnome.excludePackages = [ pkgs.gnome-tour pkgs.geary ];
# Others paquets exlusion
services.xserver.excludePackages = [ pkgs.xterm ];
# Virtualisation
virtualisation.libvirtd.enable = true;
# Experimental paquet inclusion
# nix.extraOptions = ''experimental-features = nix-command flakes'';
# Automatic login for the user.
services.displayManager.autoLogin.enable = true;
services.displayManager.autoLogin.user = "eyome";
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false;
# Unfree packages
nixpkgs.config.allowUnfree = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
services.samba = {
enable = true;
openFirewall = true;
settings = {
global = {
"workgroup" = "WORKGROUP";
"server string" = "smbnix";
"netbios name" = "smbnix";
"security" = "user";
#"use sendfile" = "yes";
#"max protocol" = "smb2";
# note: localhost is the ipv6 localhost ::1
"hosts allow" = "192.168.0. 127.0.0.1 localhost";
"hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
};
"public" = {
"path" = "/mnt/Shares/Public";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "username";
"force group" = "groupname";
};
};
};
environment.systemPackages = [ pkgs.cifs-utils ];
fileSystems."/mnt/Shares" = {
device = "//192.168.1.133/mnt/Shares";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
in ["${automount_opts},credentials=/etc/nixos/smb-secrets"];
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.avahi = {
publish.enable = true;
publish.userServices = true;
# ^^ Needed to allow samba to automatically register mDNS records (without the need for an `extraServiceFile`
# nssmdns4 = true;
# ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it
# enable = true;
# openFirewall = true;
};
#Firewall configuration for Samba
networking.firewall.extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns'';
networking.firewall.enable = true;
networking.firewall.allowPing = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}
(Few remarks regarding the wiki:
- “securityType = “user”” is written twice;
- there is an extra space at the end of the second “security” = "user "; )
I created a new user “eyome” with:
smbpasswd -a eyome
I created a new etc/nixos/smb-secrets, but I didn’t know how to fill it, is it right?
username=<USERNAME>
domain=<DOMAIN>
password=<PASSWORD>
So, If I run:
[eyome@nixos:~]$ smbclient --list localhost
Password for [WORKGROUP\eyome]:
Sharename Type Comment
--------- ---- -------
public Disk
IPC$ IPC IPC Service (smbnix)
SMB1 disabled -- no workgroup available
But, when I try to connect it on Win11, I can’t open my “public” folder:
“NIXOS (why is it called NIXOS as I called it “smbnix”…) is not available. Permission denied. User name unknown…”
So, what did I wrong guys ?
Thank you.