From 867375b286752d4e7dbe9d38fbc3e15af4560828 Mon Sep 17 00:00:00 2001 From: Stefan Ostermann Date: Sun, 9 Feb 2025 12:44:30 +0000 Subject: [PATCH] Samba etc --- ai/docker-compose.yml | 2 +- hass/zb2mqttdata/state.json | 22 ++++++------- samba/create-hash.sh | 27 ++++++++++++++++ samba/docker-compose.yml | 62 +++++++++++++++++++++++++++++++++++++ 4 files changed, 101 insertions(+), 12 deletions(-) create mode 100755 samba/create-hash.sh create mode 100644 samba/docker-compose.yml diff --git a/ai/docker-compose.yml b/ai/docker-compose.yml index 7f1138f..fcf249c 100644 --- a/ai/docker-compose.yml +++ b/ai/docker-compose.yml @@ -1,6 +1,6 @@ services: openwebui: - image: ghcr.io/open-webui/open-webui:0.5.7 + image: ghcr.io/open-webui/open-webui:0.5.10 container_name: open-webui restart: always environment: diff --git a/hass/zb2mqttdata/state.json b/hass/zb2mqttdata/state.json index 988d40d..ed90503 100644 --- a/hass/zb2mqttdata/state.json +++ b/hass/zb2mqttdata/state.json @@ -23,14 +23,14 @@ "linkquality": 7 }, "0xa4c1383ec7aa7d95": { - "temperature": 23.41, - "humidity": 51.95, - "battery": 21, + "temperature": 23.26, + "humidity": 49.41, + "battery": 20, "linkquality": 255 }, "0xa4c1383db5531833": { - "temperature": 21.2, - "humidity": 72.9, + "temperature": 21, + "humidity": 78.9, "battery": 16, "linkquality": 95, "update": { @@ -103,9 +103,9 @@ "0x001788010e8a8be7": { "battery": 100, "update": { - "state": "idle", + "state": "available", "installed_version": 33565954, - "latest_version": 33565954 + "latest_version": 33574183 }, "linkquality": 87, "update_available": false @@ -152,8 +152,8 @@ "installed_version": 16909584, "latest_version": 16909584 }, - "brightness": 152, - "state": "OFF", + "brightness": 254, + "state": "ON", "linkquality": 255, "update_available": false }, @@ -179,8 +179,8 @@ }, "0xa4c13838ba59a1b2": { "battery": 50, - "temperature": 29.8, - "humidity": 35, + "temperature": 30.8, + "humidity": 30, "temperature_unit": "celsius", "temperature_calibration": 0, "humidity_calibration": 0, diff --git a/samba/create-hash.sh b/samba/create-hash.sh new file mode 100755 index 0000000..7326333 --- /dev/null +++ b/samba/create-hash.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +# replace original smb config +grep '# This is the main Samba configuration file.' /etc/samba/smb.conf 2>/dev/null >/dev/null && cp /container/config/samba/smb.conf /etc/samba/smb.conf + +echo -n '>> Enter username: ' 1>&2 +read USERNAME +echo -n '>> New password: ' 1>&2 +read -s PASSWORD_1 +echo +echo -n '>> Retype password: ' 1>&2 +read -s PASSWORD_2 +echo + +USERNAME=$(echo "$USERNAME" | tr '[:upper:]' '[:lower:]') + +if [ "$PASSWORD_1" == "$PASSWORD_2" ] && [ "$PASSWORD_1" != "" ] && [ "$USERNAME" != "" ] +then + adduser -D -H -s /bin/false "$USERNAME" 2> /dev/null >/dev/null + smbpasswd -a -n "$USERNAME" 2> /dev/null >/dev/null + echo -e "$PASSWORD_1\n$PASSWORD_1" | passwd "$USERNAME" 2> /dev/null >/dev/null + echo -e "$PASSWORD_1\n$PASSWORD_1" | smbpasswd "$USERNAME" 2> /dev/null >/dev/null + cat /var/lib/samba/private/smbpasswd | grep ':$' | grep '^'"$USERNAME"':[0-9]*:' + exit 0 +fi + +exit 1 diff --git a/samba/docker-compose.yml b/samba/docker-compose.yml new file mode 100644 index 0000000..d3d9588 --- /dev/null +++ b/samba/docker-compose.yml @@ -0,0 +1,62 @@ +# docker-compose.yml example for https://github.com/ServerContainers/samba + +services: + samba: + build: . + image: ghcr.io/servercontainers/samba + restart: always + # note that this network_mode makes it super easy (especially for zeroconf) but is not as safe as exposing ports directly + # more about that here: https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/index.html#hostnetwork + network_mode: host + # uncomment to solve bug: https://github.com/ServerContainers/samba/issues/50 - wsdd2 only - not needed for samba + cap_add: + - CAP_NET_ADMIN + environment: + # uncomment to enable fail fast (currently only fails fast if there are conflicts/errors during user/group creation) + FAIL_FAST: 1 + + #MODEL: 'TimeCapsule' + #AVAHI_NAME: n100-fileshare + + SAMBA_CONF_LOG_LEVEL: 3 + + + # uncomment to disable optional services + #WSDD2_DISABLE: 1 + #AVAHI_DISABLE: 1 + #NETBIOS_DISABLE: 1 + # Avahi Installation on docker host: sudo apt-get install avahi-daemon + + GROUP_family: 1500 + + # example for hashed password (user: foo | password: bar) - generated using create-hash.sh script. + # sudo docker run -ti --rm --entrypoint create-hash.sh ghcr.io/servercontainers/samba + + #ACCOUNT_oster: "oster:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:86C156FC198B358CCCF6278D8BD49B6A:[U ]:LCT-61B0859A:" + ACCOUNT_oster: "oster:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:079B8E33CB77467761A3B505A15D8163:[U ]:LCT-67A885B6:" + # example for password hashes in the list format: + # - "ACCOUNT_foo=foo:1000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:8846F7EAEE8FB117AD06BDD830B7586C:[U ]:LCT-5FE1F7DF:" + UID_oster: 1000 + GROUPS_oster: family + + #SAMBA_VOLUME_CONFIG_shared_home: "[Home]; path=/home/%U; valid users = oster; guest ok = no; read only = no; browseable = yes" + SAMBA_VOLUME_CONFIG_home: "[oster]; path=/shares/oster; valid users = oster; guest ok = no; read only = no; browseable = yes" + SAMBA_VOLUME_CONFIG_paperless: "[paperless]; path=/shares/paperless-consume; valid users = oster; guest ok = no; read only = no; browseable = yes" + + SAMBA_VOLUME_CONFIG_public: "[Public]; path=/shares/public; valid users = oster; guest ok = no; read only = no; browseable = yes; force group = 1000" + SAMBA_VOLUME_CONFIG_public_ro: "[Public ReadOnly]; path=/shares/public; guest ok = yes; read only = yes; browseable = yes; force group = 1000" + + + #SAMBA_VOLUME_CONFIG_guestmultilineexample: | + # [Guest Share] + # path = /shares/guest + # guest ok = yes + # browseable = yes + + volumes: + - /etc/avahi/services/:/external/avahi + + # avoid loops when mounting folders to /shares (I'd recommend explicit mapping for each share) + - ./shares/public:/shares/public + - ./shares/oster:/shares/oster + - ./paperless-consume:/shares/paperless-consume