From 5d272592050a9e67a9ed8d8bed9e15194d2421dd Mon Sep 17 00:00:00 2001
From: Tigor Hutasuhut <tigor.hutasuhut@gmail.com>
Date: Thu, 13 Jun 2024 16:08:33 +0700
Subject: [PATCH] homeserver: enabled samba

---
 options/services.nix        |  3 +++
 profiles/homeserver.nix     |  3 +++
 system/services/default.nix |  1 +
 system/services/forgejo.nix | 22 ++++++++++++++++++++++
 system/services/samba.nix   | 37 +++++++++++++++++++++++++++++++++++++
 5 files changed, 66 insertions(+)
 create mode 100644 system/services/forgejo.nix
 create mode 100644 system/services/samba.nix

diff --git a/options/services.nix b/options/services.nix
index 779243d..1a331a7 100644
--- a/options/services.nix
+++ b/options/services.nix
@@ -6,5 +6,8 @@ in
   options.profile.services = {
     caddy.enable = mkEnableOption "caddy";
     cockpit.enable = mkEnableOption "cockpit";
+    forgejo.enable = mkEnableOption "forgejo";
+    kavita.enable = mkEnableOption "kavita";
+    samba.enable = mkEnableOption "samba";
   };
 }
diff --git a/profiles/homeserver.nix b/profiles/homeserver.nix
index ffa97df..565513c 100644
--- a/profiles/homeserver.nix
+++ b/profiles/homeserver.nix
@@ -36,6 +36,9 @@
     services = {
       caddy.enable = true;
       cockpit.enable = true;
+      forgejo.enable = true;
+      kavita.enable = true;
+      samba.enable = true;
     };
   };
 }
diff --git a/system/services/default.nix b/system/services/default.nix
index 5194a89..278f398 100644
--- a/system/services/default.nix
+++ b/system/services/default.nix
@@ -3,5 +3,6 @@
   imports = [
     ./caddy.nix
     ./cockpit.nix
+    ./samba.nix
   ];
 }
diff --git a/system/services/forgejo.nix b/system/services/forgejo.nix
new file mode 100644
index 0000000..68260f5
--- /dev/null
+++ b/system/services/forgejo.nix
@@ -0,0 +1,22 @@
+{ config, lib, ... }:
+let
+  cfg = config.profile.services.forgejo;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf cfg.enable {
+    sops.secrets."forgejo" = {
+      sopsFile = ../../secrets/caddy_reverse_proxy.yaml;
+      path = "/etc/caddy/sites-enabled/forgejo";
+      mode = "0440";
+    };
+
+    services.forgejo = {
+      enable = true;
+      settings = {
+        server.PROTOCOL = "http+unix";
+        session.COOKIE_SECURE = true;
+      };
+    };
+  };
+}
diff --git a/system/services/samba.nix b/system/services/samba.nix
new file mode 100644
index 0000000..fa1a24a
--- /dev/null
+++ b/system/services/samba.nix
@@ -0,0 +1,37 @@
+{ config, lib, ... }:
+let
+  cfg = config.profile.services.samba;
+  user = config.profile.user;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf cfg.enable {
+    services.samba = {
+      enable = true;
+      securityType = "user";
+      openFirewall = true;
+      extraConfig = ''
+        workgroup = WORKGROUP
+        server string = smbnix
+        netbios name = smbnix
+        security = user 
+      '';
+      shares = {
+        nas = {
+          path = "/nas";
+          browsable = "yes";
+          "read only" = "no";
+          "guest ok" = "yes";
+          "create mask" = "0777";
+          "directory mask" = "0777";
+          "force user" = user.name;
+          "force group" = user.name;
+        };
+      };
+    };
+    services.samba-wsdd = {
+      enable = true;
+      openFirewall = true;
+    };
+  };
+}