# Set up a Samba container

## config container

```
mkdir /vol/media /vol/user
addgroup --gid 5000 files --system
adduser --uid 5000 --ingroup files files --disabled-password --gecos "Files Owner" --system --no-create-home --shell /usr/sbin/nologin --home /srv
exit
```

### mount stuff

```
-v /tank/files/media:/vol/media \
-v /tank/files/user:/vol/user \
```
replace home with a symlink:
```
cd / && rmdir /home && ln -s /vol/user home
```

### install samba

```
apt update
apt upgrade
apt install samba
```

### config samba

disable NMB daemon
```
systemctl stop nmbd
systemctl disable nmbd
```

edit `/etc/samba/smb.conf` to have the following contents:
```
# NOTE: Whenever you modify this file you should run the command
# "testparm" to check that you have not made any basic syntactic 
# errors. 

#======================= Global Settings =======================
[global]
### General ###
server string = medusa
server role = standalone server
disable netbios = yes
smb ports = 445

#### Logging ####
log file = /var/log/samba/smb.log
max log size = 1000

####### Authentication #######
passdb backend = tdbsam
map to guest = bad user

### Permissions ##
# The following settings configure all shares to use the filesrv user on the backend
force user = filesrv
force group = filesrv
create mask = 0644
directory mask = 0755
force create mode = 0644
force directory mode = 0755
unix extensions = yes
map archive = no
map system = no
map hidden = no

### Printing ###
# Disable all printing
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes

#======================= Share Definitions =======================
[media]
comment = Shared media files
path = /srv/media
browsable = yes
guest ok = yes
read only = yes
write list = @filesrv

[homes]
comment = User homes
browsable = no
guest ok = no
read only = no
valid users = %S
```
finally, restart the Samba server with:
```
service smbd restart
```

## define users

### make script

first, we will write a script to automate adding users. Create a file `/usr/local/bin/smbadduser` with the contents:
```
#!/bin/sh
adduser "$1" --disabled-password --gecos "" --no-create-home --shell /usr/sbin/nologin
usermod -a -G sambashare $1
smbpasswd -a "$1"
```
don't forget to make it executable:
```
chmod +x /usr/local/bin/smbadduser
```