Most people use Microsoft file services either peer to peer or hosted on a NAS, a media server, or a Microsoft system configured for file services. In this video we review a very simple way to create shared folders inside of a LXD container and share them to users.
We have covered LXD configuration many times on the channel. Assuming you already have LXD installed and configured with the “lxd init” command, let’s review how to convert your LXD host ethernet interface to be a software bridge and also how to create a LXD profile that uses that bridge.
To reconfigure your ethernet device on your host, head over to the netplan configuration location.
sudo su
cd /etc/netplan
Edit your netplan yaml file (your name may differ):
sudo nano 00-installer-config.yaml
Replace the content with the following adjusting your physical Ethernet adapter name from enp3s0 to yours, setting a static address which is unused on your network, and setting your gateway address:
network:
version: 2
ethernets:
enp3s0:
dhcp4: false
dhcp6: false
bridges:
bridge0:
interfaces: [enp3s0]
addresses: [172.16.1.50/16]
routes:
- to: default
via: 172.16.0.1
nameservers:
addresses:
- 1.1.1.1
- 1.0.0.1
parameters:
stp: true
forward-delay: 4
dhcp4: no
Once you have edited the file to your liking, save and apply it:
sudo netplan apply
Next, create a new lxd profile to use the bridge:
lxc profile create bridgeprofile
Cut and paste the following into your terminal for this new profile:
lxc profile create untagged
cat <<EOF | lxc profile edit untagged
description: Untagged macvlan LXD profile
devices:
eth0:
name: eth0
nictype: bridged
parent: bridge0
type: nic
EOF
The purpose of the bridge and the bridge profile is to be able to easily create LXD containers with the address of your main LAN. Here’s how we create our new container:
lxc launch ubuntu:22.04 CIFS-Server --profile default --profile bridgeprofile -c limits.memory=2048MB -c limits.cpu.allowance=20% -c boot.autostart=true
Once the container is created, connect to its console:
lxc exec CIFS-Server bash
Update the container and create a user account for yourself. Also, install net-tools for convenience.
adduser scott
usermod -aG sudo scott
apt install net-tools
Install Samba and backup the samba configuration file:
apt install samba -y
sudo cp -pf /etc/samba/smb.conf /etc/samba/smb.conf.bak
We added a group called smgrp for a group share. We created a new user named “shares” and we granted the shares user and the scott user access to the smgrp:
sudo addgroup smbgrp
sudo useradd shares -G smbgrp
sudo usermod -aG smbgrp scott
We created Samba passwords for both user accounts:
sudo smbpasswd -a scott
sudo smbpasswd -a shares
We created the folder for the shares account, set permission and changed ownership accordingly for group access.
sudo mkdir -p /samba/shares
sudo chmod -R 0770 /samba/shares
sudo chown root:smbgrp /samba/shares
To see how you Samba server is running and show is connected:
smbstatus
Edit the Samba configuration file, and add share definitions at the end:
sudo nano /etc/samba/smb.conf
I added definitions for the group share and for a personal share to the end of the file:
[MYGROUP]
comment = Group Share Folder
path = /samba/shares
valid users = @smbgrp
browsable = yes
writable = yes
read only = no
[SCOTT]
path = /home/scott
valid users = scott
browsable = yes
writable = yes
read only = no
Save the file out. To make sure there are no errors:
testparm
You can remove a user’s access by deleting their Samba password:
sudo smbpasswd -x scott
NOTE: In some instances, it is necessary to restart the Samba server to get a configuration to update:
sudo systemctl restart smbd