Docker Community Forums

Share and learn in the Docker community.

Help needed setting up Samba (dperson)

I’m quite new to docker, I have at the moment Pi-Hole, Home Assistant and Portainer each in their own container on a NUC with Ubuntu. I use docker-compose to configure them, each has its own docker-compose.yml file in a separate directory.

I am now setting up dperson/samba using the sample docker-compose.yml at samba/docker-compose.yml at master · dperson/samba · GitHub.

I have created a “docker” directory i my home folder on the NUC, and want to expose it with Samba so I can easily work on it from my iMac.

So my docker-compose.yml file looks like this:

version: '3.4'

services:
  samba:
    container_name: samba
    image: dperson/samba:latest
    environment:
      TZ: 'Europe/Brussels'
    networks:
      - default
    ports:
      - "137:137/udp"
      - "138:138/udp"
      - "139:139/tcp"
      - "445:445/tcp"
    read_only: true
    tmpfs:
      - /tmp
    restart: unless-stopped
    stdin_open: true
    tty: true
    volumes:
      - $HOME/docker:$HOME/docker:z
    command: '-s "Docker;$HOME/docker;yes;no;no;jdoe;none;jdoe" -n -p'

networks:
  default:

When starting the container with docker-compose up, I get the following:

jdoe@NUC:~/docker/samba$ docker-compose up
Starting samba ... done
Attaching to samba
samba    | [2021/07/20 11:22:59.203675,  0] ../../lib/util/become_daemon.c:135(daemon_ready)
samba    |   daemon_ready: daemon 'nmbd' finished starting up and ready to serve connections
samba    | smbd version 4.12.2 started.
samba    | Copyright Andrew Tridgell and the Samba Team 1992-2020
samba    | daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
samba    | [2021/07/20 11:23:22.248094,  0] ../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2)
samba    |   *****
samba    |   
samba    |   Samba name server 4BAF70B93C2B is now a local master browser for workgroup MYGROUP on subnet 172.21.0.2
samba    |   
samba    |   *****

But I can’t see the “Docker” share on the network… Also the log says “… on subnet 172.21.0.2”. This seems odd to me.

What am I missing here? Thnx in advance for your help :slight_smile:

Good evening,

tl;dr; I guess you are missing the user-definition using the parameter -u …

You have mentioned the docker-compose.yml at the project’s github-location.
Let’s analyze the following excerpt from this file (where I have modified the directories for clarification purpose [which directory is the host’s directory and what is the container’s directory] - you will see later :slight_smile: )

    volumes:
      - /mnth:/mntd:z
      - /mnth2:/mntd2:z
    command: '-s "Mount;/mntd" -s "Bobs Volume;/mntd2;yes;no;no;bob" -u "bob;bobspasswd" -p'

The first three lines will mount the hosts directory /mnth to the docker-container’s directory /mntd and the hosts directory /mnth2 to the docker-container’s directory /mntd2.
Instead of the absolute specification for your hosts directories you can also use your $HOME-variable as in this example:

    volumes:
      - "$HOME/Docker Essentials/62_samba/mnth:/mntd:z"
      - "$HOME/Docker Essentials/62_samba/mnth2:/mntd2:z"

IMHO it doesn’t make sense to use $HOME for the destination-directories within the container - better use absolute values.

The z option tells Docker that the volume content will be shared between containers. (See what is 'z' flag in docker container's volumes-from option? - Stack Overflow)

If you start the container you will have mounted two directories from your docker-host to the container’s directories /mntd and /mntd2.

With the command-line you tell the samba-daemon what to do = which directory should be served and should be accessible by which user. Oh, and which user should have which password :slight_smile:

The -s “Mount;/mntd” from the above example configures samba to serve the container’s directory /mntd (which is you hosts directory /mnth) as share named Mount available to all clients without user-authentication.
The -s “Bobs Volume;/mntd2;yes;no;no;bob” configures samba to serve the container’s directories /mntd2 (which is you hosts directory /mnth2) as share named Bobs Volume available only to user “bob” - it should be browsable, not readonly (= should be writeable), not available to guests (= includes unauthenticated users).
The parameter -p configures samba to set ownership and permissions on the shares.

For detailed explanation of all available parameters see GitHub - dperson/samba: Samba docker container

Within your docker-compose.yml I would remove the ;none;jdoe as it is not needed (because none is the default value and this jdoe is not needed as it is not a readonly-volume).
But what I am really missing is the definition of your user jdoe - with -u “jdoe;jdoespassword”. The volume should only be accessible/visible to the user jdoe but you can not authenticate as this user it will remain hidden/invisible/inacessible.
If I now enter \\192.168.0.235 (my docker-host’s ip-address) I am asked for username and password and after entering the correct values bob and bobspasswd I can see both shares.

Hope this helps… :slight_smile:

2 Likes

HI,
Sorry for a late follow up… I have been too busy at work, but plan to get back to this later this week :slight_smile: Thinks for this very clear explanation, much appreciated. Will definitely follow up and let ya know how’s going.

Wouldn’t make sense to have Samba config folder mounted from local folder and to Samba daemon just pass config file as a parameter?
This would prevent playing with docker-compose file and will allow to change Samba config in the standard way via amending the the smb.conf.

Something like…

volumes:
      - ./samba:/etc/samba
command: '-s /etc/samba/smb.conf'

Just my proposal… ;o)

Hi, awfully sorry for the delay… I had to leave this project for a couple of weeks and now picking up again…
Reading Mattias’ very complete and excellent explanations, I’m try to go step by step just to make sure I understand how things work :slight_smile:
So I trimmed my docker-compose.yml to just this:


version: '3.4'

services:
  samba:
    container_name: samba
    image: dperson/samba:latest
    environment:
      TZ: 'Europe/Brussels'
    networks:
      - default
    ports:
      - "137:137/udp"
      - "138:138/udp"
      - "139:139/tcp"
      - "445:445/tcp"
    read_only: true
    tmpfs:
      - /tmp
    restart: unless-stopped
    stdin_open: true
    tty: true
    volumes:
      - $HOME/docker:/dockerdata:z
    command: '-s "Docker;/dockerdata" -n'

networks:
  default:

If I understood right, this should mount my directory $HOME/docker as /dockerdata in the container, and then serve that directory as a samba share Docker to anyone on the network without authentification. Am I right ?

I am on a iMac. I should be able to see this share as Docker under a new host NUC in the Finder, or am I missing something?

OK solved :slight_smile:. Actually it worked from the beginning, but I interpreted “advertise the shares” in option -n as “shares will automatically show up in the MacOS Finder” :upside_down_face:
Didn’t know I would have to first manually connect to the NUC with Go | Connect to Server in the Finder…
Sorry for the hassle everyone :blush:

Additional question though, probably more network related than Samba on Docker… The NUC shows up in the Finder with its IP address. How do I configure it to show a more meaningful name ?