I've had both a coworker and a FreeBSD developer ask me recently how to use FreeBSD as a Time Capsule for Time Machine from OSX. There are a lot of tutorials out there and most of them are non-functional. This is possibly the simplest guide that is known to be working. It uses local unix account authentication for the shares over AFP, and of course it's backed by ZFS.

pkg install netatalk3 avahi-app

/usr/local/etc/afp.conf:

[Global]
vol preset = default_for_all_vol
log file = /var/log/netatalk.log
hosts allow = 172.16.1.0/24 2001:470:1f11:1e8::/64
mimic model = TimeCapsule6,116

[default_for_all_vol]
#file perm = 0640
#directory perm = 0750
cnid scheme = dbd
#ea = none|auto|sys
ea = ad

[backup-mark]
path = /local/timecapsule/mark
valid users = feld
time machine = yes

/usr/local/etc/avahi/services/afp.service:

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
</service-group>

/etc/rc.conf:

# time machine
dbus_enable="YES"
netatalk_enable="YES"
afpd_enable="YES"
cnid_metad_enable="YES"
avahi_daemon_enable="YES"

I'm aware Apple is moving away from AFP to SMB, but I haven't investigated what it would take to make this work with Samba instead of Netatalk.


Generating DDNS TSIG Keys for BIND

Thu 15 December 2016 by feld

The tutorials on how to generate TSIG keys for BIND DDNS updates suck. It would also be tedious if tasked to generate several. I'm not sure why ISC has not produced a standalone script or utility to make this easier as nobody should have to piece it together by ...

read more

Speeding up MySQL Import on FreeBSD

Wed 28 September 2016 by feld

I was recently tasked with rebuilding a readonly slave database server which only slaves a couple of the available databases. The backup/dump is straightforward and fast, but the restore was being excruciatingly slow. I didn't want to wait a week for this thing to finish, so I had ...

read more

Monitoring FreeBSD Base System Vulnerabilities with pkg audit

Fri 12 August 2016 by feld

The FreeBSD base system has been difficult to monitor for published vulnerabilities for a long time. This will improve when we achieve a packaged base system, but that leaves users of currently supported -RELEASE systems without a standardized option.

The freebsd-version(1) utility has existed since FreeBSD 10.0. This ...

read more

Java KVM Troubles on OSX

Thu 30 June 2016 by feld

I was having troubles on OSX getting access to the KVM at work which is a Dell KVM 4322DS. The connection errors from Java about security settings were not resolved by whitelisting the site in the Java console. Turns out newer Java disables some SSL/TLS algorithms and settings that ...

read more

Fixing Time Machine / Netatalk (error (null))

Fri 19 February 2016 by feld

Recently I was setting up a new Time Machine backup on my wife's MacBook so it would use my FreeBSD/ZFS server. My own personal MacBook was already backing up to it successfully and has been for quite some time. When I attempted to start a new backup to ...

read more

Mono's DNS is broken

Fri 18 December 2015 by feld

I recently started playing around with Sonarr by porting it to FreeBSD. It's a pretty well designed app -- I'm not aware of an alternative with such a well thought-out interface and deep integration into the other programs it communicates with. I've never run program via mono before ...

read more

Routing a FreeBSD Jail through OpenVPN

Tue 30 June 2015 by feld

I decided I wanted to concoct a solution where I could force all applications in a jail or jails through a VPN connection without affecting the internet connectivity of other daemons on the system. After some headbanging I was able to make this work. The OS version being used in ...

read more

Braindead FreeBSD Backups with Tarsnap and ACTS

Thu 14 May 2015 by feld

Before I start this simple blog post you should be aware that:

Now that has been said, let's start with the super basics. Do you ...

read more

IPv6 via 6rd on FreeBSD

Wed 04 February 2015 by feld

My ISP is Charter and they support 6rd for IPv6. Unfortunately 6rd support does not exist in the stf(4) driver in FreeBSD yet. There is a work-in-progress implementation available from hrs in ports, net/stf-6rd-kmod. However, I haven't found very good documentation on exactly how to use it ...

read more