Samba Docker image.
Tip
Want to be notified of new releases? Check out 🔔 Diun (Docker Image Update Notifier) project!
- Features
- Build locally
- Image
- Environment variables
- Volumes
- Ports
- Configuration
- Usage
- Notes
- Upgrade
- Contributing
- License
- Multi-platform image
- Easy configuration through YAML
- Improve operability with Mac OS X clients
- Drop support for legacy protocols including NetBIOS, WINS, and Samba port 139
- Service discovery for Windows supported using WSDD2
git clone https://github.com/crazy-max/docker-samba.git
cd docker-samba
# Build image and output to docker (default)
docker buildx bake
# Build multi-platform image
docker buildx bake image-all
Registry | Image |
---|---|
Docker Hub | crazymax/samba |
GitHub Container Registry | ghcr.io/crazy-max/samba |
Following platforms for this image are available:
$ docker buildx imagetools inspect crazymax/samba --format "{{json .Manifest}}" | \
jq -r '.manifests[] | select(.platform.os != null and .platform.os != "unknown") | .platform | "\(.os)/\(.architecture)\(if .variant then "/" + .variant else "" end)"'
linux/386
linux/amd64
linux/arm/v6
linux/arm/v7
linux/arm64
linux/ppc64le
linux/riscv64
linux/s390x
TZ
: Timezone assigned to the container (defaultUTC
)CONFIG_FILE
: YAML configuration path (default/data/config.yml
)SAMBA_WORKGROUP
: NT-Domain-Name or Workgroup-Name. (defaultWORKGROUP
)SAMBA_SERVER_STRING
: Server string is the equivalent of the NT Description field. (defaultDocker Samba Server
)SAMBA_LOG_LEVEL
: Log level. (default0
)SAMBA_FOLLOW_SYMLINKS
: Allow to follow symlinks. (defaultyes
)SAMBA_WIDE_LINKS
: Controls whether or not links in the UNIX file system may be followed by the server. (defaultyes
)SAMBA_HOSTS_ALLOW
: Set of hosts which are permitted to access a service. (default127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
)SAMBA_INTERFACES
: Allows you to override the default network interfaces list.WSDD2_ENABLE
: Enable service discovery for Windows (default0
)WSDD2_HOSTNAME
: Override hostname (default to host or container name)WSDD2_NETBIOS_NAME
: Set NetBIOS name (default to hostname)WSDD2_INTERFACE
: Reply only on this interface
More info: https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html
/data
: Contains cache, configuration and runtime data
445
: SMB over TCP port3702
: WS-Discovery TCP/UDP port5355
: LLMNR TCP/UDP port
More info: https://wiki.samba.org/index.php/Samba_NT4_PDC_Port_Usage
Before using this image you have to create the YAML configuration file
/data/config.yml
to be able to create users, provide global options and add
shares. Here is an example:
auth:
- user: foo
group: foo
uid: 1000
gid: 1000
password: bar
- user: baz
group: xxx
uid: 1100
gid: 1200
password_file: /run/secrets/baz_password
global:
- "force user = foo"
- "force group = foo"
share:
- name: foo
path: /samba/foo
browsable: yes
readonly: no
guestok: no
validusers: foo
writelist: foo
veto: no
hidefiles: /_*/
recycle: yes
A more complete config.yml
example is available here.
veto: no
is a list of predefined files and directories that will not be
visible or accessible:
/._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
More info: https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html#VETOFILES
hidefiles: /_*/
is a list of predefined files and directories that will not be visible, but are accessible:
/_*/
In this example, all files and directories beginning with an underscore (_
) will be hidden.
More info: https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html#HIDEFILES
recycle: yes
this option enables vfs_recycle
module.
The vfs_recycle
intercepts file deletion requests and moves the affected files to a temporary repository rather than deleting them immediately. This gives the same effect as the Recycle Bin on Windows computers.
More info: https://www.samba.org/samba/docs/current/man-html/vfs_recycle.8.html
Docker compose is the recommended way to run this image. Copy the content of folder examples/compose
in /var/samba/
on your host for example. Edit the compose and configuration files with your preferences and run the
following commands:
docker compose up -d
docker compose logs -f
You can also use the following minimal command:
docker run -d --network host \
-v "$(pwd)/data:/data" \
--name samba crazymax/samba
Recreate the container whenever I push an update:
docker compose pull
docker compose up -d
Values in a YAML file can be set by variables, and interpolated at runtime using
a Bash-like syntax ${VARIABLE}
.
Default values can be defined inline using typical shell syntax ${VARIABLE-default}
.
It evaluates to default only if VARIABLE
is unset in the environment.
Here is an example:
auth:
- user: foo
group: foo
uid: 1000
gid: 1000
password: bar
share:
- name: foo
path: /samba/foo
browsable: ${BROWSABLE-no}
readonly: no
guestok: no
validusers: foo
writelist: foo
services:
samba:
image: crazymax/samba
network_mode: host
volumes:
- "./data:/data"
- "./foo:/samba/foo"
environment:
- "BROWSABLE=yes"
restart: always
Use the following commands to check the logs and status:
docker compose logs samba
docker compose exec samba smbstatus
Service discovery for Windows can be enabled by setting WSDD2_ENABLE
to 1
.
You also need to set the following capabilities to the container:
CAP_NET_ADMIN
CAP_NET_RAW
Name will be the hostname
of the host if network mode is host
or one of
the container. If you want to override this value, you can set hostname
in
your compose file or set WSDD2_HOSTNAME
env var.
NetBIOS name will be the hostname
of the host. If you want to override this
value, you can set WSDD2_NETBIOS_NAME
env var.
See examples/windows as an example.
Want to contribute? Awesome! The most basic way to show your support is to star the project, or to raise issues. You can also support this project by becoming a sponsor on GitHub or by making a PayPal donation to ensure this journey continues indefinitely!
Thanks again for your support, it is much appreciated! 🙏
MIT. See LICENSE
for more details.