diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..9ca3b61 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,19 @@ + +FROM alpine:latest + +COPY ./run.sh /opt/run.sh +COPY ./add-user-group.py /opt/add-user-group.py + + +RUN set -xe \ + && apk add --no-cache samba python3 \ + && mkdir /samba \ + && chmod +x /opt/run.sh \ + && chmod +x /opt/add-user-group.py + +CMD ["/opt/run.sh"] + +EXPOSE 137/udp +EXPOSE 138/udp +EXPOSE 139/tcp +EXPOSE 445/tcp diff --git a/add-user-group.py b/add-user-group.py new file mode 100644 index 0000000..0729998 --- /dev/null +++ b/add-user-group.py @@ -0,0 +1,40 @@ +#!/usr/bin/python3 + +import os +import sys +import subprocess + +def main(): + if (len(sys.argv) < 3): + print("No users/groups to configure.") + return + + groups = sys.argv[1].split(';') + users = sys.argv[2].split(';') + + # group,groupid + for group in groups: + elements = group.split(',') + if (len(elements) != 2): + print("Skipping invalid group config string \"" + group + "\"") + continue + subprocess.check_call("addgroup -g " + elements[1] + " " + elements[0], shell=True) + print("Added group " + elements[0] + " with gid " + elements[1]) + + + # username,uid,password,[group] + for user in users: + elements = user.split(',') + if (len(elements) != 3 and len(elements) != 4): + print("Skipping invalid user config string \"" + user + "\"") + continue + subprocess.check_call("adduser -D -H -u " + elements[1] + " " + elements[0], shell=True) + print("Added user " + elements[0] + " with uid " + elements[1]) + if (len(elements) == 4): + subprocess.check_call("addgroup " + elements[0] + " " + elements[3], shell=True) + print("Added user " + elements[0] + " to group " + elements[3]) + # set passwd + subprocess.check_call("echo -ne \"" + elements[2] + "\n" + elements[2] + "\n" + "\" | smbpasswd -a -U " + elements[0], shell=True) + print("Set user " + elements[0] + " password") + +main() \ No newline at end of file diff --git a/example/docker-compose.yml b/example/docker-compose.yml new file mode 100644 index 0000000..c92a13d --- /dev/null +++ b/example/docker-compose.yml @@ -0,0 +1,22 @@ +version: '3.4' + +networks: + br-samba: + external: false + +services: + samba: + image: exp + networks: + - br-samba + ports: + - "137:137/udp" + - "138:138/udp" + - "139:139/tcp" + - "445:445/tcp" + environment: + - "USERS=user1,1000,password1,group1;user2,1001,password2,group1" + - "GROUPS=group1,2000" + restart: unless-stopped + volumes: + - ./samba:/samba:z diff --git a/example/samba/private/secret.txt b/example/samba/private/secret.txt new file mode 100644 index 0000000..b586a10 --- /dev/null +++ b/example/samba/private/secret.txt @@ -0,0 +1 @@ +this is a secret diff --git a/example/samba/public/dummy.txt b/example/samba/public/dummy.txt new file mode 100644 index 0000000..27beb60 --- /dev/null +++ b/example/samba/public/dummy.txt @@ -0,0 +1 @@ +this is public diff --git a/example/samba/smb.conf b/example/samba/smb.conf new file mode 100644 index 0000000..37c24a9 --- /dev/null +++ b/example/samba/smb.conf @@ -0,0 +1,15 @@ +[global] + workgroup = TESTGROUP + +[public] + comment = public share for everyone in group1 + path = /samba/public + read only = no + valid users = @group1 + +[private] + comment = private share for user1 + path = /samba/private + valid users = user1 + read only = no + guest ok = no diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..75f3225 --- /dev/null +++ b/run.sh @@ -0,0 +1,7 @@ +#!/bin/sh +set +xe +echo "====== Configuring users and groups =====" +python3 /opt/add-user-group.py "$GROUPS" "$USERS" +echo "" +echo "====== Starting Samba Daemon =====" +exec smbd -S -F -d 2 --no-process-group -s /samba/smb.conf