Fixed SMB share and enabled encrypt

hosts/cyper-controller/smb.nix

@@ -22,6 +22,7 @@
         "map to guest" = "Never";
         "invalid users" = [ "root" ];
         "socket options" = "TCP_NODELAY IPTOS_LOWDELAY";
+        "smb encrypt" = "required";
         "use sendfile" = "yes";
         "log level" = "1";
         "log file" = "/var/log/samba/log.%m";

hosts/cyper-desktop/hardware-configuration.nix

@@ -69,28 +69,35 @@
       (share: {
         name = "/shares/${share}";
         value = {
-          device = "//127.0.0.1/${share}";
+          device = "//192.168.2.2/${share}";
           fsType = "cifs";
           options = [
             "credentials=${config.sops.templates.smb_credentials.path}"
             "iocharset=utf8"
             "_netdev"
-            "auto"
             "nofail"
-            "x-systemd.requires=samba-smbd.service"
+            "uid=${toString config.users.users.${primaryUser}.uid}"
-            "x-systemd.after=samba-smbd.service"
+            "gid=${toString config.users.users.${primaryUser}.group}"
-            "x-systemd.requires=sops-install-secrets.service"
+            "file_mode=0664"
-            "x-systemd.after=sops-install-secrets.service"
+            "dir_mode=0775"
+            "x-systemd.automount"
+            "x-systemd.idle-timeout=60"
           ];
         };
       })
       [
-        "internal"
+        "storage-internal"
-        "fast"
+        "storage-fast"
-        "backup"
+        "storage-backup"
       ]
   );
 
+  systemd.tmpfiles.rules = [
+    "d /shares/storage-internal 0775 ${primaryUser} users -"
+    "d /shares/storage-fast 0775 ${primaryUser} users -"
+    "d /shares/storage-backup 0775 ${primaryUser} users -"
+  ];
+
   swapDevices = [ ];
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";