BUILD SAMBA ONGOING.txt

####### Criado por OpenSea #######
### openseatecnologia.github.io ##

### Os comandos devem ser rodados diretamente no Shell (Copia e cola) e não através de script, informe as variaveis antes de colar ###

######## IMPORTANTE #########
# Confira o final do arquivo que 
# está comentado para devida configuração 
######## IMPORTANTE #########


### Aquisição de variaveis ###
export LAN=eth3
export HOSTNAME=SAMBA4
export SAMBA_DC_DOMAIN=smb
export SAMBA_DC_REALM=localdomain.lan
export SAMBA_DC_DNS_BACKEND=SAMBA_INTERNAL
export SAMBA_DC_ADMIN_PASSWD=#TestYourDomain!
export KERBEROS_PASSWORD=#TestYourKRB!

### Configurações de rede para o Alpine Linux ###
echo \
"## Disable Swap
vm.swappiness = 0
## IPv4 Configuration
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.ping_group_range=999 59999
kernel.panic = 120
##Force IPv6 off
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1" > /etc/sysctl.d/00-alpine.conf
rc-update add sysctl
service sysctl start
## Timezone
echo "nameserver 8.8.8.8" > /etc/resolv.conf
apk update
apk add tzdata
cp /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime
echo "America/Sao_Paulo" > /etc/timezone

### Instalação de depêndencias ###
apk update --quiet --no-cache 
apk upgrade --quiet --no-cache
apk add --quiet --no-cache bash dnsmasq ca-certificates expect krb5 krb5-server openldap-clients samba-dc
mv /etc/samba/smb.conf /etc/samba/smb.conf.backup
mkdir -p /var/log/samba/cores
rm -rf /tmp/*
rm -rf /var/cache/apk/*

### Configuração de arquivos do samba e dnsmasq ###
mkdir -p /var/lib/samba/sysvol/
echo "[global]
   server role = active directory domain controller
   workgroup = ${SAMBA_DC_DOMAIN}
   dns forwarder 127.0.0.2
   bind interfaces only = yes
   log file = /usr/local/samba/var/log.%m
   max log size = 50
   interfaces = ${LAN} lo
   dns proxy = no

[netlogon]
   path = /var/lib/samba/sysvol/%REALNAMES%/scripts
   read only = No

[sysvol]
   path = /var/lib/samba/sysvol/
   read only = No

[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[printers]
   comment = All Printers
   path = /usr/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes" > /etc/samba/smb.conf

echo "port=53
resolv-file=/etc/dnsmasq.resolv
listen-address=127.0.0.2" > /etc/dnsmasq.d/smb.conf

### Adequação de placa de rede ###
echo "auto lo:0
iface lo:0 inet static
address 127.0.0.2
netmask 255.0.0.0" > /etc/network/interfaces

### Adequação de permissões e inicialização ###
chown -R nobody.nogroup /var/lib/samba/sysvol/%REALMNAME%/scripts
chmod 771 /var/lib/samba/sysvol
chmod 771 /var/lib/samba/sysvol/%REALMNAME%
chmod 771 /var/lib/samba/sysvol/%REALMNAME%/scripts
chmod -R 700 /var/log/samba
service dnsmasq start
rc-update add samba
rc-update add dnsmasq

### Provisionar domínio ### ~ Comentado, adeque antes de usar ~
#samba-tool domain provision \
#    --use-rfc2307 \
#    --domain="${SAMBA_DC_DOMAIN}" \
#    --realm="${SAMBA_DC_REALM}" \
#    --server-role=dc \
#    --adminpass="${SAMBA_DC_ADMIN_PASSWD}" \
#    --dns-backend="${SAMBA_DC_DNS_BACKEND}"