Samba¶
Samba lets your Linux based server share files and folders on a Windows File Sharing Workgroup using the same protocol (SMB/CIFS), this is pretty useful when you need to share files between computers on your network. This also helps to allow your files to be accessed through the Internet (although it should only be done through a VPN for security purposes).
There is no official image for this service, so we'll use ghcr.io/servercontainers/samba.
Pre-Installation¶
We'll create a folder in the main user's home where all the service's data will be saved.
mkdir ~/services/networking/samba
Docker Compose¶
Samba will be run using Docker Compose. The content of the docker-compose.yml
file is as follows:
services:
server:
image: ghcr.io/servercontainers/samba:smbd-only-latest
restart: unless-stopped
network_mode: host
volumes:
- /media:/media
- ~/:/home
environment:
TZ: America/Guayaquil
SAMBA_CONF_LOG_LEVEL: 3
AVAHI_DISABLE: disabled
WSDD2_DISABLE: disabled
ACCOUNT_foo: ${ACCOUNT_FOO}
UID_foo: ${UID_FOO}
SAMBA_VOLUME_CONFIG_downloads: ${CONFIG_DOWNLOADS}
Feel free to edit the volumes and the volume configs at the bottom to your liking.
Secrets¶
Make sure to create a .env
file with the following structure:
ACCOUNT_FOO=
UID_FOO=
CONFIG_DOWNLOADS=
For the ACCOUNT_FOO
variable, you will need to run the following command, which will generate a user hash that should be placed in the .env
file.
docker run -it --rm ghcr.io/servercontainers/samba:smbd-only-latest create-hash.sh
This will generate a hash that you can use instead of adding your password in plaintext.
The shares are defined through environment variables prefixed by SAMBA_VOLUME_CONFIG
, you can create as many as you need. Same story for ACCOUNT
and UID
which are used to define accounts with access to the share and their respective UID.
For the CONFIG_*
variables, feel free to base yourself of the following example:
[downloads]
comment = Downloads directory.
path = /media/sata_2tb/Downloads
available = yes
read only = no
browsable = yes
writeable = yes
create mask = 0744
directory mask = 0755
force user = foo
force group = foo
public = no
guest ok = no
Note
Make sure the wrap each block with double-quotes ("
) in the .env
file to support multiline variables.
Post-Installation¶
We'll need to allow the service's port on our firewall.
sudo ufw allow 455/tcp
Running¶
Start up the service with:
docker compose up -d
That's it! The service will auto-start on system startup and restart on failure.