From 7b89df98600ab0205572c500b70e905229c8166d Mon Sep 17 00:00:00 2001
From: Yorick van Pelt <yorick@yorickvanpelt.nl>
Date: Wed, 6 Jul 2022 09:25:49 +0200
Subject: [PATCH] frumar: add samba

---
 nixos/logical/frumar.nix    | 47 +++++++++++++++++++++++++++++++++++--
 nixos/roles/default.nix     |  1 -
 nixos/roles/workstation.nix |  1 +
 3 files changed, 46 insertions(+), 3 deletions(-)

diff --git a/nixos/logical/frumar.nix b/nixos/logical/frumar.nix
index 798fd6e..f4aa0fd 100644
--- a/nixos/logical/frumar.nix
+++ b/nixos/logical/frumar.nix
@@ -68,8 +68,8 @@
   };
   boot.zfs.requestEncryptionCredentials = false;
   networking.firewall.interfaces.wg-y.allowedTCPPorts = [ 3000 9090 ];
-  networking.firewall.allowedTCPPorts = [ 1883 ];
-  networking.firewall.allowedUDPPorts = [ 1883 ];
+  networking.firewall.allowedTCPPorts = [ 1883 5357 ];
+  networking.firewall.allowedUDPPorts = [ 1883 3702 ];
   services.rabbitmq = {
     enable = true;
     plugins = [ "rabbitmq_mqtt" "rabbitmq_management" ];
@@ -95,6 +95,49 @@
       interval = "*-*-01 02:00:00"; # monthly + 2 hours
     };
   };
+  services.samba = {
+    enable = true;
+    openFirewall = true;
+    shares.public = {
+      path = "/data/plexmedia";
+      browseable = "yes";
+      "guest ok" = "yes";
+      "hosts allow" = "192.168.178.0/255.255.255.0";
+      "writeable" = "yes";
+      "force user" = "nobody";
+      "force directory mode" = "2777";
+    };
+  };
+  services.samba-wsdd = {
+    enable = true;
+    interface = "eno2";
+    hostname = "NAS";
+  };
+  services.sonarr = {
+    enable = true;
+    group = "plex";
+    user = "plex";
+    openFirewall = true;
+  };
+  services.radarr = {
+    enable = true;
+    group = "plex";
+    user = "plex";
+    openFirewall = true;
+  };
+  services.znapzend = {
+    enable = true;
+    pure = true;
+    features = {
+      zfsGetType = true;
+      sendRaw = true;
+    };
+    zetup = {
+      "frumar-new/plexmedia" = {
+        plan = "1w=>6h,1m=>1w,1y=>1m,2y=>6m,50y=>1y";
+      };
+    };
+  };
   users.users.plex.packages = with pkgs; [
     ffmpeg
   ];
diff --git a/nixos/roles/default.nix b/nixos/roles/default.nix
index 858e315..96aa32b 100644
--- a/nixos/roles/default.nix
+++ b/nixos/roles/default.nix
@@ -131,6 +131,5 @@ in {
     disabledCollectors = [ "rapl" ];
   };
   networking.firewall.interfaces.wg-y.allowedTCPPorts = [ 9100 ];
-  services.fwupd.enable = true;
   xdg.autostart.enable = false;
 }
diff --git a/nixos/roles/workstation.nix b/nixos/roles/workstation.nix
index 38f3152..8b48173 100644
--- a/nixos/roles/workstation.nix
+++ b/nixos/roles/workstation.nix
@@ -1,5 +1,6 @@
 { config, lib, pkgs, ... }:
 {
+  services.fwupd.enable = true;
   users.users.yorick = {
     extraGroups = [ "input" "wireshark" "dialout" "video" "libvirtd" ];
     shell = pkgs.fish;