A basic FreeBSD NAS with netatalk3

Thoughts

FreeNAS has run flawlessly on any vanilla hardware I've thrown at it over the years. With the release of FreeBSD 10 however, I decided it might be fun to build a NAS from scratch. FreeBSD includes the new pkg manager by default and its ZFS support is rock solid; it's a great time to be a FreeBSD fan.

Deciding on a sharing protocol

What sharing protocol mix you choose to employ will obviously depend on the clients you're intending to access it with. For my household, we predominately run a mixture of Mac OS X Lion and Mavericks.

Samba arguably would make sense given Apple even uses it to carry AFP on Mavericks. We don't have Windows production machines outside of VMs here, but it would be nice to have the ability to talk to potential ones in the future. Unfortunately, my venerable Mac Pro only runs Lion, and its spotty SMB support is the stuff of legend. It was therefore quickly ruled out.

The next choice was NFS. Plenty of people I know use this in home environments, but I've always been wary of its security issues related to user IDs. The latest release seemingly resolves many of these problems, but unfortunately we're back to Lion compatibility issues. I could dive into FUSE, but would rather not.

The solution therefore was falling back to AFP.

Netatalk 3

Netatalk is a free and open source implementation of Apple's AFP. Frustratingly, nearly all the online examples and documentation I searched for discuss Netatalk 2. Netatalk 3 is very different in many ways, with all the new AFP features and a simplified configuration file.

By default on FreeBSD 10, we install it thusly:

# pkg update
# pkg install netatalk3

The configuration file is beautifully simple, and now resides in the following location:

# vi /usr/local/etc/afp.conf

The file is split into Global, Homes and Shares. The default configuration shows you what to do, but here are the sections from mine:

[Global]
  hosts allow = 10.0.1.0/24
  mimic model = Xserve

Here we define which hosts are allowed to connect. We can use CIDR notation for the subnet mask, which is rather nice. Alternatively, you can list individual hosts. Mimic model determines which icon to show in the Finder when you connect to it; Xserve looks swish.

; [Homes]
  ; basedir regex = /xxxx

Here we can define a default share based on the username of the client accessing. I can see it being a cool feature, but not one I'll be using so I've left it commented out.

[MediaDrive]
  path = /pool/media
  valid users = shimapan sukumizu kiri

And here we define all the shares we want. Initially I was confused and thought we somehow had to define all our paths and users here. We can have multiple ones, with the name to appear in the Finder in the square brackets.

For my use case, I defined several new users in FreeBSD for each family member, then used their respective names in the “valid users” option for different shares. That way, everyone can read and write to what they need to when backing up data or reading common files. I like how that works.

/etc/rc.conf

Now that we’ve configured it, we enable it for boot in the venerable rc.conf:

netatalk_enable="YES"
afpd_enable="YES"
cnid_metad_enable="YES"
dbus_enable="YES"

And we're done! I didn't need/want autodiscovery, but if you want your FreeBSD VPS appearing in the Finder automatically, you'll want to enable Avahi next.


Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!
