Turn your linux box into an AFP server

Scenario:

You have a Mac computer and a Linux box that you use as a backup server, home theatre, or whatever. That would be nice to have access from your mac to these files. You could do that in many ways:

We are going to look at the latter.

For some reasons, it seems most distributions, at least it is the case for Debian and Ubuntu, have a very old version of netatalk (2.2.6 on Ubuntu!). You really want the latest version of netatalk if you want to enable support of Time Capsule and Spotlight, not even mentioning performances. So, we will have to download the latest version from http://netatalk.sourceforge.net, configure it, compile it and install it.

Step 1: Install avahi

Here is the list of avahi packages I have installed on my system. However, do note that I may have installed a bit too much, as I had installed avahi prior to configuring netatalk, for Ampache:

avahi-autoipd/artful,now 0.6.32-1ubuntu1 amd64 [installed]
avahi-daemon/artful,now 0.6.32-1ubuntu1 amd64 [installed]
avahi-utils/artful,now 0.6.32-1ubuntu1 amd64 [installed]
gnome-user-share/artful,now 3.14.2-2ubuntu5 amd64 [installed]
libavahi-client-dev/artful,now 0.6.32-1ubuntu1 amd64 [installed]
libavahi-client3/artful,now 0.6.32-1ubuntu1 amd64 [installed]
libavahi-common-data/artful,now 0.6.32-1ubuntu1 amd64 [installed]
libavahi-common-dev/artful,now 0.6.32-1ubuntu1 amd64 [installed,automatic]
libavahi-common3/artful,now 0.6.32-1ubuntu1 amd64 [installed]
libavahi-core7/artful,now 0.6.32-1ubuntu1 amd64 [installed]
libavahi-glib1/artful,now 0.6.32-1ubuntu1 amd64 [installed]
libavahi-ui-gtk3-0/artful,now 0.6.32-1ubuntu1 amd64 [installed]
network-manager/artful,now 1.8.4-1ubuntu3 amd64 [installed]
pulseaudio/artful-updates,now 1:10.0-2ubuntu3.1 amd64 [installed]

Step 2: dependencies

Required for compiling netatalk.

sudo apt-get install build-essential libevent-dev libssl-dev libgcrypt11-dev libkrb5-dev libpam0g-dev libwrap0-dev libdb-dev libtdb-dev libmysqlclient-dev  avahi-daemon libavahi-client-dev libacl1-dev libldap2-dev libcrack2-dev systemtap-sdt-dev libdbus-1-dev libdbus-glib-1-dev libglib2.0-dev

Step 3: dependencies, bis

if you want Spotlight support you have to install tracker libraries too. Here is what I have installed but, same as for avahi, I suspect that some of those packages are not required. You do need extract, sparql and miner and the dev versions as they are required for compiling netatalk.

gir1.2-tracker-2.0/artful,now 2.0.1-1 amd64 [installed,automatic]
libtracker-control-2.0-0/artful,now 2.0.1-1 amd64 [installed,automatic]
libtracker-miner-2.0-0/artful,now 2.0.1-1 amd64 [installed,automatic]
libtracker-miner-2.0-dev/artful,now 2.0.1-1 amd64 [installed]
libtracker-sparql-2.0-0/artful,now 2.0.1-1 amd64 [installed]
libtracker-sparql-2.0-dev/artful,now 2.0.1-1 amd64 [installed]
libxatracker2/artful-updates,now 17.2.8-0ubuntu0~17.10.1 amd64 [installed]
tracker/artful,now 2.0.1-1 amd64 [installed,automatic]
tracker-extract/artful,now 2.0.2-1 amd64 [installed]
tracker-miner-fs/artful,now 2.0.2-1 amd64 [installed]

Step 4: netatalk

Download the latest version of netatalk from http://netatalk.sourceforge.net. Unzip it and cd to the directory, e.g.:

tar xvf netatalk-3.1.11.tar.gz
cd netatalk-3.1.11/

Then we will prepare the makefile with spotlight enabled:

  1. I chose debian-systemd for my with-init-style parameter, adapt the parameter to your own system (see netatalk manual).
  2. Change the tracker version for with-tracker-pkgconfig-version according to what you have installed on your system. Despite I have tracker 2.0.2 I typed 2.0 for the config version parameter as Spotlight was not enabled if 2.0.2 was set.

Run configure:

./configure --with-init-style=debian-systemd --with-zeroconf --with-cracklib --with-tracker-pkgconfig-version=2.0

Then

make -j 2
sudo make install

if successful, check that Spotlight is enabled, the configure output should display something like that:

 AFP:
 Extended Attributes: ad | sys
 ACL support: yes
 Spotlight: yes

Step 5: netatalk configuration file

sudo vi /usr/local/etc/afp.conf

[Global]
; Global server settings
 dbus daemon = /usr/bin/dbus-daemon
 disconnect time = 3
 sleep time = 2
 log file = /var/log/netatalk.log
 log level = default:info
 uam list = uams_dhx2.so
 zeroconf = yes
 save password = no


[1TB]
 path = /YOURPATH/YOURPATH/YOURPATH
 spotlight = yes
 valid users = USERNAME1 USERNAME2 USERNAME3
 unix priv = yes
 file perm = 0600

[BCTimeCapsule01]
path = /YOURPATH/YOURPATH/
valid users = USERNAME2
time machine = yes
unix priv = yes
file perm = 0600

Adapt the configuration parameters to your system:

  • [NAME]: this will be displayed to the client. For instance [BCTimeCapsule01] means that on my mac, in Settings>Time Machine>Add or Remove Backup Disk…, I see BCTimeCapsule01.
  • path: full path of the drive/folder you want to share. For example: /media/username/backupdisk/foldername
  • valid users: valid users on your Linux box, separated by a space.

Step 6: avahi configuration file

sudo vi /etc/avahi/services/timecapsule_afpd.service

This will create a new file, simply add that:

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
 <name replace-wildcards="yes">%h</name>
 <service>
 <type>_afpovertcp._tcp</type>
 <port>548</port>
 </service>
 <service>
 <type>_device-info._tcp</type>
 <port>0</port>
 <txt-record>model=RackMac</txt-record>
 </service>
</service-group>

Step 7: Services

Restart the services to get them to load the new config.

sudo systemctl restart netatalk.service
sudo systemctl restart avahi.service

Then you probably want netatalk to load at boot:

sudo systemctl enable netatalk

you’re done!

How it looks

On your mac, in Settings>Time Machine>Add or Remove Backup Disk…, you should see your remote disk.

Time Machine

And if you map your network drive you will then see it displayed on your desktop or in Finder.

Many thanks to Dariusz who did most of the work finding out what was required to get it running.

2 Comments

Leave a Reply to clemens Cancel reply

Your email address will not be published. Required fields are marked *