this master branch or docker image with tag latest uses samba as package as provided by debian:stretch.
If you want a specific version you can use a tagged version. This tagged version contains a freshly complied samba from official stable releases on debian:stretch. The Source Code is obtained from the following location: https://download.samba.org/pub/samba/stable/
Other then that the container features are kept the same.
- ACCOUNT_username
- multiple variables/accounts possible
- adds a new user account with the given username and the env value as password
to restrict access of volumes you can add the following to your samba volume config:
valid users = alice; invalid users = bob;
-
SAMBA_CONF_WORKGROUP
- default: WORKGROUP
-
SAMBA_CONF_SERVER_STRING
- default: file server
-
SAMBA_CONF_MAP_TO_GUEST
- default: Bad User
-
SAMBA_CONF_ENABLE_PASSWORD_SYNC
- default not set - if set password sync is enabled
-
SAMBA_CONF_ENABLE_NTLM_AUTH
- default not set - if set password sync is enabled
- use for compatibility with xp if you have troubles like NTLMv1 passwords NOT PERMITTED for user
- !!! NOTE: NTLMv1 is known to be broken and it's easy to recover the real password from the hash !!!
-
SAMBA_VOLUME_CONFIG_myconfigname
- adds a new samba volume configuration
- multiple variables/confgurations possible by adding unique configname to SAMBA_VOLUME_CONFIG_
- examples
- "[My Share]; path=/shares/myshare; guest ok = no; read only = no; browseable = yes"
- "[Guest Share]; path=/shares/guests; guest ok = yes; read only = no; browseable = yes"
I had a big headache using samba with timemachine properly - it often breaks and doens't work for quite some time - so I went back to the servercontainers/netatalk container for proper timemachine support. The following text helps you if you want to try - maybe it works maybe it doesn't
To enable TimeMachine Support add this to your SAMBA_VOLUME_CONFIG: fruit:aapl = yes; fruit:time machine = yes;
You can also limit the size available for timemachine by also adding fruit:time machine max size = 500G; (format: SIZE [K|M|G|T|P] )
More infos about the Apple Extensions: https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html
- https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage
- https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
- https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html
You can't proxy the zeroconf inside the container to the outside, since this would need routing and forwarding to your internal docker0 interface from outside.
You can just expose the needed ports to the docker hosts port and install avahi. After that just add a new service which fits to your config.
/etc/avahi/services/smb.service
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=RackMac</txt-record>
</service>
</service-group>
/etc/avahi/services/smb.service (with TimeMachine Support - more infos: https://gist.github.com/ChloeTigre/4c2022c0d1a281deedba6f7539a2e3ae)
SAMBA_VOLUME_CONFIG_timecapsule: "[Time Capsule]; path = /shares/TimeCapsule; valid users = johndoe; guest ok = no; read only = no; browseable = no; force user = nobody; force group = nogroup; force create mode = 0660; force directory mode = 2770; fruit:aapl = yes; fruit:time machine = yes; fruit:time machine max size = 2000G;"
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_adisk._tcp</type>
<txt-record>sys=waMa=0,adVF=0x100</txt-record>
<txt-record>dk0=adVN=Time Capsule,adVF=0x82</txt-record>
</service>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=RackMac</txt-record>
</service>
</service-group>