My Home Server Setup: Part 3/N
I’ll be setting up Samba server on my Rpi (node name is gohan 😃)
Though it doesn’t have to be Nomad it can be run using a simple docker-compose as well.
A little bit of a background, I’ve got a Dell Inspiron 3543 laptop which is almost broken and unusable, I had my family storage, movies, iso files, and all other crap in that 1TB 5400 RPM Disk which is lying around with no use.
I bought an External Hardrive case and got it hooked into gohan and it works well for my use case.
I mean look it works 😆
Well, jokes apart I plan to run Samba on gohan
FROM alpine:3.7
RUN apk --no-cache upgrade && \
apk --no-cache add samba samba-common-tools
EXPOSE 445/tcp
ENTRYPOINT ["smbd", "--foreground", "--log-stdout"]I’ve pushed the images on ghcr.io ( Github Container registry) incase anyone wants to grab a copy.
Below is my smb.conf , I took reference from this Stanback/alpine-samba Repo
[global]workgroup = WORKGROUPserver string = %h server (Samba, Alpine)security = usermap to guest = Bad Userencrypt passwords = yesload printers = noprinting = bsdprintcap name = /dev/nulldisable spoolss = yesdisable netbios = yesserver role = standaloneserver services = -dns, -nbtsmb ports = 445; Bind only to particular interfaces;hosts allow = 192.168.0.0/24 100.0.0.0/24;hosts deny = 0.0.0.0/0;interfaces = 192.168.0.0/24 10.0.0.0/24;bind interfaces only = yes;name resolve order = hosts;log level = 3[Shared]path = /sharecomment = Shared Folderbrowseable = yesread only = yeswrite list = piguest ok = yes
it can be ran using docker-compose as well, though I already have nomad
docker run -dt \
-v $PWD/smb.conf:/etc/samba/smb.conf \
-v /mnt:/share \
-p 445:445 \
--name samba \
--restart=always \
ghcr.io/itsjwala/sambaNomad Job
- I mounted all the partitions under
/mntof host and created a volume bind
in mount section of the Nomad job, and bind mount/etc/sambaunder container to be persisted inNOMAD_TASK_DIR - Tailscale client isn’t supported on Android TV yet, so I had to bind docker container to
eth0interface as well (192.168.**) with that I had to makegohantop have a fixed static IP that is configured on routers page using IP/Mac binding
job "samba-job" {
datacenters = ["DragonBallWorld"]
type = "service"
group "samba-group" {
constraint {
attribute = "$${attr.unique.hostname}"
value = "gohan"
}
network {
port "samba-port-tailscale" {
static = 445
to = 445
host_network = "tailscale"
}
port "samba-port-default" {
static = 445
to = 445
}
}
restart {
attempts = 2
interval = "2m"
delay = "30s"
mode = "fail"
}
task "samba-task" {
driver = "docker"
config {
image = "ghcr.io/itsjwala/samba"
// Bind the config file to container.
mount {
type = "bind"
source = "configs" // Bind mount the template from `NOMAD_TASK_DIR`
target = "/etc/samba"
}
// Bind the data directory to preserve certs.
mount {
type = "bind"
source = "/mnt" # Bind mount the template from `NOMAD_TASK_DIR`
target = "/share"
readonly = true
}
ports = ["samba-port-tailscale","samba-port-default"]
}
resources {
cpu = 200
memory = 200
}
service {
name = "samba-tailscale"
tags = ["samba"]
port = "samba-port-tailscale"
check {
type = "tcp"
port = "samba-port-tailscale"
interval = "10s"
timeout = "2s"
}
// will decide if required differently for tailscale check port or not
// check_restart {
// limit = 3
// grace = "90s"
// ignore_warnings = false
// }
}
service {
name = "samba-lan"
tags = ["samba"]
port = "samba-port-default"
check {
type = "tcp"
port = "samba-port-default"
interval = "10s"
timeout = "2s"
}
}
template { data = <<EOF
${smb_conf}
EOF
destination = "configs/smb.conf" // Rendered template.
change_mode = "restart"
}
}
}
}
Deployment for this nomad job using terraform can be found on the repo
With that done, I’ve got a new nomad job added.
gohan
And a consul service registered for samba which I’ll use as upstreams for caddy proxy ( samba.itsjwala.local ❓)
now I can access my hardrive data from anywhere in the world, thanks to tailscale VPN.
Few things pending in here are:-
- dynamically mounting any Hardrive / Pendrive partitions under
/mnt - [Not urgent] exploring options for samba server
until then peace ☮️
