1{
 2  libx,
 3  globals,
 4  ...
 5}:
 6{
 7  imports = [
 8    ../common/services/samba.nix
 9    ../common/services/prometheus-exporters-node.nix
10  ];
11
12  networking.firewall.enable = false;
13
14  # TODO make it an option ? (otherwise I'll add it for all)
15  users.users.vincent.linger = true;
16
17  services = {
18    samba.settings = {
19      global."server string" = "Aix";
20      vincent = {
21        path = "/data/share";
22        public = "yes";
23        browseable = "yes";
24        "read only" = "no";
25        "guest ok" = "yes";
26        writable = "yes";
27        comment = "Vincent's share";
28        "create mask" = "0644";
29        "directory mask" = "0755";
30        "force user" = "vincent";
31        "force group" = "users";
32      };
33    };
34    wireguard = {
35      enable = true;
36      ips = libx.wg-ips globals.machines.aix.net.vpn.ips;
37      endpoint = "${globals.net.vpn.endpoint}";
38      endpointPublicKey = "${globals.machines.kerkouane.net.vpn.pubkey}";
39    };
40  };
41}