59 lines
1.0 KiB
Bash
Executable File
59 lines
1.0 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
USERNAME=smb
|
|
DIR="/home/${USERNAME}/share"
|
|
LAN="10.8.0.0/24" # connection will be allowed from this network only
|
|
|
|
user=$(whoami)
|
|
if [ $user != root ]; then
|
|
echo "You are using a non-privileged account"
|
|
exit 1
|
|
fi
|
|
|
|
if test -d $DIR; then
|
|
echo "Script is meant to be run only once and it seems to have already been executed"
|
|
exit 1
|
|
fi
|
|
|
|
apt update
|
|
apt install -y samba
|
|
|
|
useradd $USERNAME \
|
|
--shell /bin/false \
|
|
--create-home \
|
|
--user-group \
|
|
--comment 'SMB user' \
|
|
--system
|
|
|
|
passwd -d $USERNAME
|
|
|
|
mkdir $DIR
|
|
|
|
chown $USERNAME:$USERNAME $DIR
|
|
|
|
cp /etc/samba/smb.conf "/home/${USERNAME}/smb.conf"
|
|
|
|
cat <<EOF >> /etc/samba/smb.conf
|
|
[share]
|
|
comment = SMB share
|
|
hosts allow = ${LAN} 127.0.0.1
|
|
valid users = ${USERNAME}
|
|
path = ${DIR}
|
|
browseable = yes
|
|
read only = yes
|
|
EOF
|
|
|
|
smbpasswd -a $USERNAME
|
|
|
|
service smbd restart
|
|
testparm
|
|
|
|
# set rsync port
|
|
ufw allow from $LAN to any port 873
|
|
|
|
# set up Samba ports
|
|
ufw allow from $LAN proto udp to any port 137,138
|
|
ufw allow from $LAN proto tcp to any port 139,445
|
|
|
|
ufw status verbose
|