2017-03-16 10:26:32 +01:00
|
|
|
{{ ansible_managed_file | comment }}
|
2017-02-23 13:15:04 +01:00
|
|
|
|
|
|
|
#======================= Global Settings =======================
|
|
|
|
|
|
|
|
[global]
|
|
|
|
|
|
|
|
## Browsing/Identification ###
|
|
|
|
|
|
|
|
# Change this to the workgroup/NT-domain name your Samba server will part of
|
|
|
|
workgroup = {{ samba.workgroup }}
|
|
|
|
|
|
|
|
# server string is the equivalent of the NT Description field
|
|
|
|
server string = %h server (Samba, Ubuntu)
|
|
|
|
|
|
|
|
# This will prevent nmbd to search for NetBIOS names through DNS.
|
|
|
|
dns proxy = no
|
|
|
|
|
|
|
|
#### Debugging/Accounting ####
|
|
|
|
|
|
|
|
# This tells Samba to use a separate log file for each machine
|
|
|
|
# that connects
|
|
|
|
log file = /var/log/samba/log.%m
|
|
|
|
|
|
|
|
# Cap the size of the individual log files (in KiB).
|
|
|
|
max log size = 1000
|
|
|
|
|
|
|
|
# We want Samba to log a minimum amount of information to syslog. Everything
|
|
|
|
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
|
|
|
|
# through syslog you should set the following parameter to something higher.
|
|
|
|
syslog = 0
|
|
|
|
|
|
|
|
# Do something sensible when Samba crashes: mail the admin a backtrace
|
|
|
|
panic action = /usr/share/samba/panic-action %d
|
|
|
|
|
|
|
|
|
|
|
|
####### Authentication #######
|
|
|
|
|
|
|
|
# "security = user" is always a good idea. This will require a Unix account
|
|
|
|
# in this server for every user accessing the server. See
|
|
|
|
# /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/ServerType.html
|
|
|
|
# in the samba-doc package for details.
|
|
|
|
# security = user
|
|
|
|
|
|
|
|
# You may wish to use password encryption. See the section on
|
|
|
|
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
|
|
|
|
encrypt passwords = true
|
|
|
|
|
|
|
|
# If you are using encrypted passwords, Samba will need to know what
|
|
|
|
# password database type you are using.
|
|
|
|
passdb backend = tdbsam
|
|
|
|
|
|
|
|
obey pam restrictions = yes
|
|
|
|
|
|
|
|
# This boolean parameter controls whether Samba attempts to sync the Unix
|
|
|
|
# password with the SMB password when the encrypted SMB password in the
|
|
|
|
# passdb is changed.
|
|
|
|
unix password sync = yes
|
|
|
|
|
|
|
|
# For Unix password sync to work on a Debian GNU/Linux system, the following
|
|
|
|
# parameters must be set (thanks to Ian Kahan <<kahan@informatik.tu-muenchen.de> for
|
|
|
|
# sending the correct chat script for the passwd program in Debian Sarge).
|
|
|
|
passwd program = /usr/bin/passwd %u
|
|
|
|
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
|
|
|
|
|
|
|
|
# This boolean controls whether PAM will be used for password changes
|
|
|
|
# when requested by an SMB client instead of the program listed in
|
|
|
|
# 'passwd program'. The default is 'no'.
|
|
|
|
pam password change = yes
|
|
|
|
|
|
|
|
# This option controls how unsuccessful authentication attempts are mapped
|
|
|
|
# to anonymous connections
|
|
|
|
map to guest = bad user
|
|
|
|
|
2017-03-13 10:40:35 +01:00
|
|
|
{% if samba.windows_compatible %}
|
|
|
|
# disable unix extensions and enable following symlinks
|
|
|
|
unix extensions = no
|
|
|
|
follow symlinks= yes
|
|
|
|
wide links= yes
|
|
|
|
{% endif %}
|
|
|
|
|
2017-02-23 13:15:04 +01:00
|
|
|
{% for name, path in media_dirs.iteritems() %}
|
|
|
|
[{{ name }}]
|
|
|
|
path = {{ path }}
|
|
|
|
comment = {{ name }} on %h
|
|
|
|
guest ok = yes
|
|
|
|
writeable = yes
|
|
|
|
browseable = yes
|
|
|
|
create mode = 0664
|
|
|
|
directory mode = 0775
|
|
|
|
force user = {{ vdr.user }}
|
|
|
|
force group = {{ vdr.group }}
|
|
|
|
follow symlinks = yes
|
|
|
|
wide links = yes
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
include = /etc/samba/smb.conf.custom
|