diff options
-rw-r--r-- | nixos/modules/services/network-filesystems/samba.nix | 16 | ||||
-rw-r--r-- | nixos/tests/samba.nix | 3 |
2 files changed, 14 insertions, 5 deletions
diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix index 3fedaeb4952..9ed755d0465 100644 --- a/nixos/modules/services/network-filesystems/samba.nix +++ b/nixos/modules/services/network-filesystems/samba.nix @@ -87,13 +87,20 @@ in <note> <para>If you use the firewall consider adding the following:</para> <programlisting> - networking.firewall.allowedTCPPorts = [ 139 445 ]; - networking.firewall.allowedUDPPorts = [ 137 138 ]; + services.samba.openFirewall = true; </programlisting> </note> ''; }; + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to automatically open the necessary ports in the firewall. + ''; + }; + enableNmbd = mkOption { type = types.bool; default = true; @@ -235,7 +242,10 @@ in }; security.pam.services.samba = {}; - environment.systemPackages = [ config.services.samba.package ]; + environment.systemPackages = [ cfg.package ]; + + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 139 445 ]; + networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ 137 138 ]; }) ]; diff --git a/nixos/tests/samba.nix b/nixos/tests/samba.nix index d1d50caabfa..252c3dd9c76 100644 --- a/nixos/tests/samba.nix +++ b/nixos/tests/samba.nix @@ -20,6 +20,7 @@ import ./make-test-python.nix ({ pkgs, ... }: server = { ... }: { services.samba.enable = true; + services.samba.openFirewall = true; services.samba.shares.public = { path = "/public"; "read only" = true; @@ -27,8 +28,6 @@ import ./make-test-python.nix ({ pkgs, ... }: "guest ok" = "yes"; comment = "Public samba share."; }; - networking.firewall.allowedTCPPorts = [ 139 445 ]; - networking.firewall.allowedUDPPorts = [ 137 138 ]; }; }; |