zet.home.arpa: document all services and SSL/nginx setup

- Server overview (README.md) with services, storage, and network summary - Storage layout with disk/fstab/mount details (storage.md) - Service docs: Samba, NFS, Squid, Pi-hole (with DHCP/split-DNS notes) - Let's Encrypt cert via acme.sh + GoDaddy DNS-01 (ssl/) - nginx SSL reverse proxy config and virtual host guide (nginx/) - Pi-hole moved to port 8081; split DNS overrides documented for both Pi-hole and pfSense Unbound to avoid hairpin NAT issues Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19 14:37:04 +00:00
parent 060219d161
commit 7c4c786e7b
10 changed files with 948 additions and 0 deletions
--- a/zet.home.arpa/samba/README.md
+++ b/zet.home.arpa/samba/README.md
@@ -0,0 +1,86 @@
+# Samba — zet.home.arpa
+
+SMB file sharing for the home network.
+
+## Overview
+
+| Field | Value |
+|-------|-------|
+| **Package** | `samba` (Ubuntu package) |
+| **Version** | Samba 4.19.5-Ubuntu |
+| **Config** | `/etc/samba/smb.conf` |
+| **Logs** | `/var/log/samba/log.%m` |
+| **Services** | `smbd.service`, `nmbd.service` |
+
+## Shares
+
+| Share name | Path | Read-only | Notes |
+|------------|------|-----------|-------|
+| `photos` | `/data/ssd-photos` | No | Crucial MX500 SSD — photos library |
+| `hsgt10a` | `/data/hsgt10a` | No | HGST 10 TB primary bulk drive |
+| `printers` | `/var/tmp` | Yes | Default printer share (unused) |
+| `print$` | `/var/lib/samba/printers` | Yes | Printer drivers (unused) |
+
+### Access paths (from Windows/macOS)
+
+```
+\\172.27.0.35\photos
+\\172.27.0.35\hsgt10a
+```
+
+## Configuration (`/etc/samba/smb.conf` — relevant sections)
+
+```ini
+[global]
+   workgroup = WORKGROUP
+   server role = standalone server
+   map to guest = bad user
+   usershare allow guests = yes
+   log file = /var/log/samba/log.%m
+   max log size = 1000
+
+[photos]
+   comment = Photos SSD on Zet
+   path = /data/ssd-photos
+   read only = no
+   browsable = yes
+
+[hsgt10a]
+   comment = HSGT10 Data Drive
+   path = /data/hsgt10a
+   read only = no
+   browsable = yes
+```
+
+## Service Management
+
+```bash
+sudo systemctl status smbd nmbd
+sudo systemctl restart smbd nmbd
+sudo systemctl enable smbd nmbd      # already enabled
+```
+
+## User Management
+
+```bash
+sudo smbpasswd -a <username>         # add Samba user
+sudo smbpasswd -e <username>         # enable user
+sudo pdbedit -L                      # list Samba users
+```
+
+## Testing
+
+```bash
+testparm                             # validate smb.conf syntax
+smbclient -L 172.27.0.35 -N         # list shares anonymously
+sudo tail -f /var/log/samba/log.smbd # watch connections
+```
+
+## Migration Notes
+
+To migrate to a new server:
+1. Install: `sudo apt install samba`
+2. Copy `/etc/samba/smb.conf`
+3. Recreate Samba users: `sudo smbpasswd -a <username>`
+4. Ensure `/data/ssd-photos` and `/data/hsgt10a` are mounted at the same paths
+5. Restart: `sudo systemctl enable --now smbd nmbd`