Set up Samba on OpenSuse with Podman Quadlets
Nov 19, 2023
I recently found myself needing to set up a samba server on an OpenSuse MicroOS server. Since MicroOS is immutable, installing the server natively isn't the best approach. Instead, I decided to try running samba in a container.
Fortunately, there is already a ready to use image on the opensuse container registry for samba. You can print the usage instructions with the following command:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46 | podman run --rm registry.opensuse.org/opensuse/samba:latest -h
Samba server container
The container will be configured as samba sharing server and it just needs:
* host directories to be mounted,
* users (one or more username:password tuples) provided,
* shares defined (name, path).
Options:
-s <name:path>[:browse:readonly:guest:users:admins:writelist:comment]
Configure a share.
* name Required, name of the share
* path Required, exported path of the share
* browse Optional, if share is seen in a net view
* readonly Optional, if share is read-only or read-write
* guest Optional
* users Optional, comma separated list of valid users
* admins Optional, comma separated list of admin users
* writelist Optional, comma separated list of of users with write access
* comment Optional, '_' will be replaced with a space
-u <name:password>[:UID:group:GID]
Create user with optional UID and group. This option is not recommended
because the password will be visible by users listing the processes.
* name Required, username
* password Required, password of user
* UID Optional, UID of the user
* group Optional, users default group
* GID Optional, GID of the group
-h
Display help text and exit
Environment variables:
DEBUG=[0|1] Enable debug mode
TZ=<timezone> Set timezone
WORKGROUP=<name> Specify name of workgroup, default is 'WORKGROUP'
USER=<name:password>[:UID:group:GID]
SHARE=<name:path>[:browse:readonly:guest:users:admins:writelist:comment]
USER_FILE=<filename> Specify file containing user entries to create
SHARE_FILE=<filename> Specify file containing shares to export
Additional variables starting with the same name followed by a number are
supported for 'USER' and 'SHARE', e.g. SHARE, SHARE1, SHARE2, ...
USER_FILE and SHARE_FILE expect files which contain one line per entry in
the format of 'USER' and 'SHARE'.
|
Creating a Systemd service using Quadlet
Podman quadlet is an awesome way to create systemd services for your containers. It's kind of like an alternative to something like docker-compose, but systemd takes care of most of the details for actually creating/starting your containers. All you need to do is write a container definition file that tells systemd what to do.
Here's a quick example of how to use it to create a samba service:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25 | # /etc/containers/systemd/samba.container
[Unit]
Description=My Samba Server
[Install]
# Start by default on boot
WantedBy=multi-user.target default.target
[Service]
Restart=always
# Set to 15 minutes to avoid timeout while downloading the image for the first time
TimeoutStartSec=900
[Container]
Image=registry.opensuse.org/opensuse/samba:latest
# change this to point to your host data folder
Volume=/var/mydata:/mydata:z
PublishPort=139:139
PublishPort=445:445
# make sure to review these options (and at least change the user password)
Exec=-s "MyShare:/mydata:true:false:true:bob:bob:bob" -u "bob:goodpassword"
|
After customizing it, save the above to /etc/containers/systemd/samba.container then run:
| systemctl daemon-reload
systemctl start samba
|
And that's it! Unless it failed, you should now have a running container called systemd-samba. Try rebooting the server and be amazed at how your samba server automatically starts up!
You can read more about quadlets here.
© Alejandro Ramallo 2024