Minimal Ubuntu Time Machine Backup Service

I’ve been using a Time Machine backup over AFP to an openmediavault (OMV) box. I’ve got some new hardware and installed Ubuntu 16.04 instead. Alas, OMV uses a custom-rolled version of netatalk 3.x to provide AFP services, while Ubuntu (and Debian upstream) only provide 2.x.

This seemed strange to me. netatalk 3.0 was released over 5 years ago, and should have become available in Debian long ago, so I started to research why there was no netatalk 3.x package in Debian. Along the way, I bumped into a comment on a Debian bug report which mentioned that Apple is phasing out the AFP protocol in favour of SMB (note the comment at the very end of article). Ah!

Right, so, I still have no idea why netatalk 3.x is not available in Debian, but it made perfect sense to me to explore what had been done in the Samba project to implement support for Time Machine.

As luck would have it, Samba 4.8.0 was released a couple of weeks ago, and is the first version to include the Time Machine backup support. Unfortunately, because it is so new, it is not be available as an installable package in Ubuntu 16.04 or even 18.04. So, to use it, one must compile Samba from source.

This process works for Ubuntu 16.04 and I am now using it instead of OMV for Time Machine backups.

The steps below will produce a Time Machine backup service that is open and accessible to anyone on the network (ie. guest only). If you want a permissioned service, you will need to adjust the Samba global configuration and the configuration of the Time Machine share to your preferred permissioning method.

Perform the following steps as the root user.  This is easiest via interactive sudo:

sudo -i

Install pre-requisites:

apt-get install -y libreadline-dev git build-essential \
libattr1-dev libblkid-dev autoconf python-dev \
python-dnspython libacl1-dev gdb pkg-config libpopt-dev \
libldap2-dev dnsutils acl attr libbsd-dev docbook-xsl \
libcups2-dev libgnutls28-dev tracker libtracker-sparql-1.0-dev \
libpam0g-dev libavahi-client-dev libavahi-common-dev \
bison flex

Download the source, configure, build and install:

cd /usr/src
wget https://download.samba.org/pub/samba/stable/samba-4.8.0.tar.gz
tar -xzvf samba-4.8.0.tar.gz
cd samba-4.8.0
./configure --systemd-install-services --with-shared-modules=idmap_ad --enable-debug --enable-selftest --with-systemd --enable-spotlight --prefix=/opt/samba4
make
make install

Because we installed it to /opt/samba4, add this to the path:

echo 'export PATH=$PATH:/opt/samba4/bin:/opt/samba4/sbin' >> /etc/profile
source /etc/profile

Create the log file location:

mkdir -p /var/log/samba

Check that the version we are using includes Avahi, Spotlight and Time Machine (check that the flags returned by each of the 3 commands match):

# smbd -b | grep -i avahi
HAVE_AVAHI_CLIENT_CLIENT_H
HAVE_AVAHI_COMMON_WATCH_H
HAVE_AVAHI_CLIENT_NEW
HAVE_AVAHI_STRERROR
HAVE_LIBAVAHI_CLIENT
HAVE_LIBAVAHI_COMMON
WITH_AVAHI_SUPPORT
# smbd -b | grep -i spotlight
WITH_SPOTLIGHT
# smbd -b | grep -i fruit
vfs_fruit_init

Below is a minimal /opt/samba4/etc/smb.conf that has been carefully checked to ensure that parameters that are on by default or implied by others have been removed. This configuration assumes that the location you want to save Time Machine backups to is mounted at /mnt/backup.  We used a RAID 1 mirror formatted with ext4.

/opt/samba4/etc/smb.conf:

[global]
map to guest = Bad User
vfs objects = catia fruit streams_xattr
log file = /var/log/samba/%m
log level = 2
mdns name = mdns

# Time Machine
fruit:veto_appledouble = no
fruit:encoding = native
fruit:metadata = stream

# Security
server min protocol = SMB2

[Time Machine]
fruit:time machine = yes
path = /mnt/backup
guest only = yes
writeable = yes

Starting Samba:

# smbd -s /opt/samba4/etc/smb.conf

To perform your backup, select the “Time Machine” on your server from the “Available Disks” in Time Machine and get started.

Resources

 

Leave a Reply

Your email address will not be published. Required fields are marked *