initial commit

Dockerfile

@@ -0,0 +1,19 @@
+
+FROM alpine:latest
+
+COPY ./run.sh /opt/run.sh
+COPY ./add-user-group.py /opt/add-user-group.py
+
+
+RUN set -xe \
+    && apk add --no-cache samba python3 \ 
+    && mkdir /samba \
+    && chmod +x /opt/run.sh \
+    && chmod +x /opt/add-user-group.py
+
+CMD ["/opt/run.sh"]
+
+EXPOSE 137/udp
+EXPOSE 138/udp
+EXPOSE 139/tcp
+EXPOSE 445/tcp

add-user-group.py

@@ -0,0 +1,40 @@
+#!/usr/bin/python3
+
+import os
+import sys
+import subprocess
+
+def main():
+    if (len(sys.argv) < 3):
+        print("No users/groups to configure.")
+        return
+
+    groups = sys.argv[1].split(';')
+    users = sys.argv[2].split(';')
+
+    # group,groupid
+    for group in groups:
+        elements = group.split(',')
+        if (len(elements) != 2):
+            print("Skipping invalid group config string \"" + group + "\"")
+            continue
+        subprocess.check_call("addgroup -g " + elements[1] + " " + elements[0], shell=True)
+        print("Added group " + elements[0] + " with gid " + elements[1])
+        
+
+    # username,uid,password,[group]
+    for user in users:
+        elements = user.split(',')
+        if (len(elements) != 3 and len(elements) != 4):
+            print("Skipping invalid user config string \"" + user + "\"")
+            continue
+        subprocess.check_call("adduser -D -H -u " + elements[1] + " " + elements[0], shell=True)
+        print("Added user " + elements[0] + " with uid " + elements[1])
+        if (len(elements) == 4):
+            subprocess.check_call("addgroup " + elements[0] + " " + elements[3], shell=True)
+            print("Added user " + elements[0] + " to group " + elements[3])
+        # set passwd
+        subprocess.check_call("echo -ne \"" + elements[2] + "\n" + elements[2] + "\n" + "\" | smbpasswd -a -U " + elements[0], shell=True)
+        print("Set user " + elements[0] + " password")
+
+main()

example/docker-compose.yml

@@ -0,0 +1,22 @@
+version: '3.4'
+
+networks:
+  br-samba:
+      external: false
+
+services:
+  samba:
+    image: exp
+    networks:
+      - br-samba
+    ports:
+      - "137:137/udp"
+      - "138:138/udp"
+      - "139:139/tcp"
+      - "445:445/tcp"
+    environment:
+      - "USERS=user1,1000,password1,group1;user2,1001,password2,group1"
+      - "GROUPS=group1,2000"
+    restart: unless-stopped
+    volumes:
+      - ./samba:/samba:z

example/samba/private/secret.txt

@@ -0,0 +1 @@
+this is a secret

example/samba/public/dummy.txt

@@ -0,0 +1 @@
+this is public

example/samba/smb.conf

@@ -0,0 +1,15 @@
+[global]
+	workgroup = TESTGROUP
+ 
+[public] 
+	comment = public share for everyone in group1
+	path = /samba/public
+	read only = no
+	valid users = @group1
+
+[private]
+	comment = private share for user1
+	path = /samba/private
+	valid users = user1
+	read only = no
+	guest ok = no

run.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+set +xe
+echo "====== Configuring users and groups ====="
+python3 /opt/add-user-group.py "$GROUPS" "$USERS"
+echo ""
+echo "====== Starting Samba Daemon ====="
+exec smbd -S -F -d 2 --no-process-group -s /samba/smb.conf