I've had both a coworker and a FreeBSD developer ask me recently how to use FreeBSD as a Time Capsule for Time Machine from OSX. There are a lot of tutorials out there and most of them are non-functional. This is possibly the simplest guide that is known to be working. It uses local unix account authentication for the shares over AFP, and of course it's backed by ZFS.
pkg install netatalk3 avahi-app
[Global] vol preset = default_for_all_vol log file = /var/log/netatalk.log hosts allow = 172.16.1.0/24 2001:470:1f11:1e8::/64 mimic model = TimeCapsule6,116 [default_for_all_vol] #file perm = 0640 #directory perm = 0750 cnid scheme = dbd #ea = none|auto|sys ea = ad [backup-mark] path = /local/timecapsule/mark valid users = feld time machine = yes
<?xml version="1.0" standalone='no'?><!--*-nxml-*--> <!DOCTYPE service-group SYSTEM "avahi-service.dtd"> <service-group> <name replace-wildcards="yes">%h</name> <service> <type>_afpovertcp._tcp</type> <port>548</port> </service> </service-group>
# time machine dbus_enable="YES" netatalk_enable="YES" afpd_enable="YES" cnid_metad_enable="YES" avahi_daemon_enable="YES"
I'm aware Apple is moving away from AFP to SMB, but I haven't investigated what it would take to make this work with Samba instead of Netatalk.
Generating DDNS TSIG Keys for BIND
The tutorials on how to generate TSIG keys for BIND DDNS updates suck. It would also be tedious if tasked to generate several. I'm not sure why ISC has not produced a standalone script or utility to make this easier as nobody should have to piece it together by ...read more
Speeding up MySQL Import on FreeBSD
I was recently tasked with rebuilding a readonly slave database server which only slaves a couple of the available databases. The backup/dump is straightforward and fast, but the restore was being excruciatingly slow. I didn't want to wait a week for this thing to finish, so I had ...read more
Monitoring FreeBSD Base System Vulnerabilities with pkg audit
The FreeBSD base system has been difficult to monitor for published vulnerabilities for a long time. This will improve when we achieve a packaged base system, but that leaves users of currently supported -RELEASE systems without a standardized option.
The freebsd-version(1) utility has existed since FreeBSD 10.0. This ...read more
Java KVM Troubles on OSX
I was having troubles on OSX getting access to the KVM at work which is a Dell KVM 4322DS. The connection errors from Java about security settings were not resolved by whitelisting the site in the Java console. Turns out newer Java disables some SSL/TLS algorithms and settings that ...read more
Fixing Time Machine / Netatalk (error (null))
Recently I was setting up a new Time Machine backup on my wife's MacBook so it would use my FreeBSD/ZFS server. My own personal MacBook was already backing up to it successfully and has been for quite some time. When I attempted to start a new backup to ...read more
Mono's DNS is broken
Routing a FreeBSD Jail through OpenVPN
I decided I wanted to concoct a solution where I could force all applications in a jail or jails through a VPN connection without affecting the internet connectivity of other daemons on the system. After some headbanging I was able to make this work. The OS version being used in ...read more
Braindead FreeBSD Backups with Tarsnap and ACTS
IPv6 via 6rd on FreeBSD
My ISP is Charter and they support 6rd for IPv6. Unfortunately 6rd support does not exist in the stf(4) driver in FreeBSD yet. There is a work-in-progress implementation available from hrs in ports, net/stf-6rd-kmod. However, I haven't found very good documentation on exactly how to use it ...read more