add time machine support

scripts/setup_repo.py

@@ -37,7 +37,7 @@ if __name__ == "__main__":
             f.write(f"su - me -c 'echo \"{users[user]}\\n{users[user]}\\n\" | pdbedit -s smb.conf -a {user}'\n")
 
     # add volumes to nas
-    mounts = json.load(open("nas/mounts.json"))
+    mounts = json.load(open("nas/mounts.json", "r"))
     with open("compose.override.yml", "w") as f:
         if mounts:
             f.writelines(s + "\n" for s in [
@@ -47,3 +47,12 @@ if __name__ == "__main__":
             ] + [
                 f"      - {mounts[m]}:/home/me/share/{m}" for m in mounts
             ])
+
+    # generate nas config
+    shutil.copyfile("nas/base.conf", "nas/smb.conf")
+    with open("nas/smb.conf", "a") as f:
+        if mounts:
+            for dest in mounts:
+                f.write(f"[{dest}]\n")
+                f.write(f"path = /home/me/share/{dest}\n")
+                f.write("\n")

scripts/setup_router.py

@@ -81,6 +81,7 @@ if __name__ == "__main__":
             # IPv6 traffic rules
             "uci add firewall rule",
             f"uci set firewall.@rule[-1].name='allow-{name}'",
+            "uci set firewall.@rule[-1].family='ipv6'",
             "uci set firewall.@rule[-1].src='wan'",
             "uci set firewall.@rule[-1].dest='lan'",
             f"uci set firewall.@rule[-1].dest_ip='::{IPV6}/{DP_LEN-128}'",

scripts/setup_server.py

@@ -24,17 +24,6 @@ if __name__ == "__main__":
     if not file.exists():
         with file.open("w") as f:
             f.write("PasswordAuthentication no\n")
-    try:
-        run("addgroup --gid 2000 web")
-        run("addgroup --gid 2001 monero")
-        run("addgroup --gid 2002 game")
-        run("addgroup --gid 2003 nas")
-        run(f"adduser {os.getlogin()} web")
-        run(f"adduser {os.getlogin()} monero")
-        run(f"adduser {os.getlogin()} game")
-        run(f"adduser {os.getlogin()} nas")
-    except:
-        pass
 
     # install docker and configure
     run("snap install docker")
@@ -48,6 +37,18 @@ if __name__ == "__main__":
         json.dump(cfg, f, indent=4)
     run("systemctl restart snap.docker.dockerd.service")
 
+    try:
+        run("addgroup --gid 2000 web")
+        run("addgroup --gid 2001 monero")
+        run("addgroup --gid 2002 game")
+        run("addgroup --gid 2003 nas")
+        run(f"adduser {os.getlogin()} web")
+        run(f"adduser {os.getlogin()} monero")
+        run(f"adduser {os.getlogin()} game")
+        run(f"adduser {os.getlogin()} nas")
+    except:
+        pass
+
     # restrict network access from containers
     file = Path("/etc/systemd/system/docker-restrict.service")
     if not file.exists():