New SMB add-on (#437)

* New SMB add-on * Update config.json
2025-12-18 21:54:20 +01:00 · 2018-11-03 23:03:10 +01:00
parent b9075a87cc
commit f425a5b1d9
5 changed files with 90 additions and 92 deletions
--- a/samba/CHANGELOG.md
+++ b/samba/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog

+## 7
+- Remove guest access
+- Cleanup structure
+- Use hostname for samba device name
+
 ## 6
 - Enable ntlm auth for Windows10

--- a/samba/Dockerfile
+++ b/samba/Dockerfile
@@ -5,7 +5,8 @@ FROM $BUILD_FROM
 ENV LANG C.UTF-8

 # Setup base
-RUN apk add --no-cache jq samba-server samba-common-tools
+RUN apk add --no-cache \
+        socat curl samba-server samba-common-tools

 # Copy data
 COPY run.sh /
--- a/samba/config.json
+++ b/samba/config.json
@@ -1,6 +1,6 @@
 {
  "name": "Samba share",
-  "version": "6",
+  "version": "7",
  "slug": "samba",
  "description": "Expose Hass.io folders with SMB/CIFS",
  "url": "https://home-assistant.io/addons/samba/",
@@ -10,17 +10,8 @@
  "map": ["config:rw", "ssl:rw", "addons:rw", "share:rw", "backup:rw"],
  "options": {
    "workgroup": "WORKGROUP",
-    "name": "hassio",
-    "guest": true,
-    "map": {
-      "config": true,
-      "addons": true,
-      "ssl": false,
-      "share": true,
-      "backup": true
-    },
-    "username": "",
-    "password": "",
+    "username": "hassio",
+    "password": null,
    "interface": "",
    "allow_hosts": [
        "10.0.0.0/8",
@@ -30,15 +21,6 @@
  },
  "schema": {
    "workgroup": "str",
-    "name": "str",
-    "guest": "bool",
-    "map": {
-      "config": "bool",
-      "addons": "bool",
-      "ssl": "bool",
-      "share": "bool",
-      "backup": "bool"
-    },
    "username": "str",
    "password": "str",
    "interface": "str",
--- a/samba/run.sh
+++ b/samba/run.sh
@@ -4,89 +4,56 @@ set -e
 CONFIG_PATH=/data/options.json

 WORKGROUP=$(jq --raw-output '.workgroup' $CONFIG_PATH)
-NAME=$(jq --raw-output '.name' $CONFIG_PATH)
-GUEST=$(jq --raw-output '.guest' $CONFIG_PATH)
-USERNAME=$(jq --raw-output '.username // empty' $CONFIG_PATH)
-PASSWORD=$(jq --raw-output '.password // empty' $CONFIG_PATH)
-MAP_CONFIG=$(jq --raw-output '.map.config' $CONFIG_PATH)
-MAP_ADDONS=$(jq --raw-output '.map.addons' $CONFIG_PATH)
-MAP_SSL=$(jq --raw-output '.map.ssl' $CONFIG_PATH)
-MAP_SHARE=$(jq --raw-output '.map.share' $CONFIG_PATH)
-MAP_BACKUP=$(jq --raw-output '.map.backup' $CONFIG_PATH)
 INTERFACE=$(jq --raw-output '.interface // empty' $CONFIG_PATH)
 ALLOW_HOSTS=$(jq --raw-output '.allow_hosts | join(" ")' $CONFIG_PATH)
+USERNAME=$(jq --raw-output '.username // empty' $CONFIG_PATH)
+PASSWORD=$(jq --raw-output '.password // empty' $CONFIG_PATH)

-function write_config() {
-    echo "
-[$1]
-   browseable = yes
-   writeable = yes
-   path = /$1
+WAIT_PIDS=()
+NAME=

-   #guest ok = yes
-   #guest only = yes
-   #public = yes
+# Check Login data
+if [ -z "${USERNAME}" ] || [ -z "${PASSWORD}" ]; then
+    echo "[ERROR] No valid login data inside options!"
+    exit 1
+fi

-   #valid users = $USERNAME
-   #force user = root
-   #force group = root
-" >> /etc/smb.conf
-}
+# Read hostname from API
+if ! NAME="$(curl -s -f -H "X-Hassio-Key: ${HASSIO_TOKEN}" http://hassio/info | jq --raw-output '.data.hostname')"; then
+    echo "[WARN] Can't read hostname, use default!"
+    NAME="hassio"
+else
+    echo "[INFO] Read hostname: ${NAME}"
+fi

+# Setup config
 sed -i "s|%%WORKGROUP%%|$WORKGROUP|g" /etc/smb.conf
 sed -i "s|%%NAME%%|$NAME|g" /etc/smb.conf
 sed -i "s|%%INTERFACE%%|$INTERFACE|g" /etc/smb.conf
 sed -i "s|%%ALLOW_HOSTS%%|$ALLOW_HOSTS|g" /etc/smb.conf
+sed -i "s|%%USERNAME%%|$USERNAME|g" /etc/smb.conf

-##
-# Write shares to config
-if [ "$MAP_CONFIG" == "true" ]; then
-    write_config "config"
-fi
-if [ "$MAP_ADDONS" == "true" ]; then
-    write_config "addons"
-fi
-if [ "$MAP_SSL" == "true" ]; then
-    write_config "ssl"
-fi
-if [ "$MAP_SHARE" == "true" ]; then
-    write_config "share"
-fi
-if [ "$MAP_BACKUP" == "true" ]; then
-    write_config "backup"
-fi
-
-##
-# Set authentication options
-if [ "$GUEST" == "true" ]; then
-    sed -i "s|#guest ok|guest ok|g" /etc/smb.conf
-    sed -i "s|#guest only|guest only|g" /etc/smb.conf
-    sed -i "s|#guest account|guest account|g" /etc/smb.conf
-    sed -i "s|#map to guest|map to guest|g" /etc/smb.conf
-    sed -i "s|#public|public|g" /etc/smb.conf
-else
-    sed -i "s|#valid users|valid users|g" /etc/smb.conf
-    sed -i "s|#force user|force user|g" /etc/smb.conf
-    sed -i "s|#force group|force group|g" /etc/smb.conf
-    sed -i "s|#ntlm auth|ntlm auth|g" /etc/smb.conf
-
-    addgroup -g 1000 "$USERNAME"
-    adduser -D -H -G "$USERNAME" -s /bin/false -u 1000 "$USERNAME"
-    # shellcheck disable=SC1117
-    echo -e "$PASSWORD\n$PASSWORD" | smbpasswd -a -s -c /etc/smb.conf "$USERNAME"
-fi
+# Init users
+addgroup "${USERNAME}"
+adduser -D -H -G "${USERNAME}" -s /bin/false "${USERNAME}"
+# shellcheck disable=SC1117
+echo -e "${PASSWORD}\n${PASSWORD}" | smbpasswd -a -s -c /etc/smb.conf "${USERNAME}"

+# Start samba
 nmbd -F -S -s /etc/smb.conf &
-NMBD_PID=$!
+WAIT_PIDS+=($!)
+
 smbd -F -S -s /etc/smb.conf &
-SMBD_PID=$!
+WAIT_PIDS+=($!)

 # Register stop
 function stop_samba() {
-    kill -15 "$NMBD_PID"
-    kill -15 "$SMBD_PID"
-    wait "$SMBD_PID" "$NMBD_PID"
+    echo "Kill Processes..."
+    kill -15 "${WAIT_PIDS[@]}"
+    wait "${WAIT_PIDS[@]}"
+    echo "Done."
 }
 trap "stop_samba" SIGTERM SIGHUP

-wait "$SMBD_PID" "$NMBD_PID"
+# Wait until all is done
+wait "${WAIT_PIDS[@]}"
--- a/samba/smb.conf
+++ b/samba/smb.conf
@@ -2,7 +2,9 @@
   netbios name = %%NAME%%
   workgroup = %%WORKGROUP%%
   server string = Samba HomeAssistant config share
-   security: user
+
+   security = user
+   ntlm auth = yes

   load printers = no
   disable spoolss = yes
@@ -13,6 +15,47 @@
   interfaces = %%INTERFACE%%
   hosts allow = %%ALLOW_HOSTS%%

-   #guest account = root
-   #map to guest = Bad Password
-   #ntlm auth = yes
+[config]
+   browseable = yes
+   writeable = yes
+   path = /config
+
+   valid users = %%USERNAME%%
+   force user = root
+   force group = root
+
+[addons]
+   browseable = yes
+   writeable = yes
+   path = /addons
+
+   valid users = %%USERNAME%%
+   force user = root
+   force group = root
+
+[ssl]
+   browseable = yes
+   writeable = yes
+   path = /ssl
+
+   valid users = %%USERNAME%%
+   force user = root
+   force group = root
+
+[share]
+   browseable = yes
+   writeable = yes
+   path = /share
+
+   valid users = %%USERNAME%%
+   force user = root
+   force group = root
+
+[backup]
+   browseable = yes
+   writeable = yes
+   path = /share
+
+   valid users = %%USERNAME%%
+   force user = root
+   force group = root