Jail: atm

one time
zfs create -o quota=512G ship/backup/sharad
zfs create -o quota=512G ship/backup/rachna
zfs create -o quota=512G ship/backup/nivi
zfs create -o quota=512G ship/backup/rishabh


zfs set aclinherit=passthrough ship/backup/sharad
zfs set aclinherit=passthrough ship/backup/rachna
zfs set aclinherit=passthrough ship/backup/nivi
zfs set aclinherit=passthrough ship/backup/rishabh

zfs set aclmode=passthrough ship/backup/sharad
zfs set aclmode=passthrough ship/backup/rachna
zfs set aclmode=passthrough ship/backup/nivi
zfs set aclmode=passthrough ship/backup/rishabh

create jail
export JAIL=atm
export JAILHOSTNAME=atm
export JAILDOMAIN=ahlawat.com
export JAILIP=64
export JAILUSER=X
export JAILUSERID=1000
export JAILUSERVNC=false

/root/FreeBSD/jails/create.sh $JAIL $JAILHOSTNAME $JAILDOMAIN $JAILIP $JAILUSER $JAILUSERID $JAILUSERVNC

iocage exec $JAIL mkdir /mnt/sharad
iocage exec $JAIL mkdir /mnt/rachna
iocage exec $JAIL mkdir /mnt/nivi
iocage exec $JAIL mkdir /mnt/rishabh
iocage fstab -a $JAIL /mnt/ship/backup/sharad /mnt/sharad nullfs rw 0 0
iocage fstab -a $JAIL /mnt/ship/backup/rachna /mnt/rachna nullfs rw 0 0
iocage fstab -a $JAIL /mnt/ship/backup/nivi /mnt/nivi nullfs rw 0 0
iocage fstab -a $JAIL /mnt/ship/backup/rishabh /mnt/rishabh nullfs rw 0 0
iocage fstab -l $JAIL

iocage exec $JAIL "pkg install -y -r pkgp122 openldap-sasl-client nss-pam-ldapd-sasl netatalk3"
iocage exec $JAIL "pkg lock -y openldap-sasl-client"

iocage exec $JAIL "cp /mnt/config/ldap.conf /usr/local/etc/openldap"
iocage exec $JAIL "cp /mnt/config/pam_ldap.conf /usr/local/etc/ldap.conf"
iocage exec $JAIL "cp /mnt/config/sshd /etc/pam.d"
iocage exec $JAIL "ln -s /usr/local/bin/bash /bin/bash"
iocage exec $JAIL "cp /mnt/config/nsswitch.conf /etc"
iocage exec $JAIL "cp /mnt/config/nslcd.conf /usr/local/etc"
iocage exec $JAIL "sysrc nslcd_enable=YES"
iocage exec $JAIL "service nslcd start"

iocage exec $JAIL "cp /mnt/config/afp.conf /usr/local/etc"
iocage exec $JAIL "cp /mnt/config/netatalk /etc/pam.d"
iocage exec $JAIL "sysrc dbus_enable=YES"
iocage exec $JAIL "service dbus start"
iocage exec $JAIL "sysrc avahi_daemon_enable=YES"
iocage exec $JAIL "service avahi-daemon start"
iocage exec $JAIL "sysrc netatalk_enable=YES"
iocage exec $JAIL "service netatalk start"








Notes:
TimeMachine backup over SSH:

brew cask install osxfuse
brew install sshfs

mkdir ~/TM
sshfs sharad@atm:/mnt/sharad ~/TM -ovolname=TM

Create a Mac OS Extended (Journaled) dmg image file named "TimeMachine" using "Disk Utility.app" and save it in the sshfs mounted directory "~/TM". 

Configure TimeMachine to use this mounted volume:
sudo tmutil setdestination /Volumes/TimeMachine/

Create executable script and add to "Login Items"
❯ cat mountTM
sshfs sharad@atm:/mnt/sharad ~/TM -ovolname=TM
hdiutil mount ~/TM/TimeMachine.dmg

❯ cat unmountTM
hdiutil unmount /Volumes/TimeMachine
diskutil eject /dev/disk2
umount /Users/ahlawat/TM


Why SSHFS: the AFP service breaks after being logged in for 75 seconds

{auth.c:536} (note:AFPDaemon): afp_disconnect
which leads to endless reconnect attempts
{dsi_stream.c:504} (error:DSI): dsi_stream_read: len:0, unexpected EOF

This makes AFP unusable, so using the dmg over ssh instead.
afpd.log:
Jun 30 10:14:59.317499 afpd[91592] {auth.c:235} (note:AFPDaemon): Login by nobody (AFP3.4)
Jun 30 10:16:17.463722 afpd[91592] {dsi_stream.c:504} (error:DSI): dsi_stream_read: len:0, unexpected EOF
Jun 30 10:16:17.463802 afpd[91592] {dsi_stream.c:259} (note:DSI): dsi_disconnect: entering disconnected state
Jun 30 10:16:17.626853 afpd[87527] {auth.c:235} (note:AFPDaemon): Login by nobody (AFP3.4)
Jun 30 10:16:17.629971 afpd[87527] {auth.c:536} (note:AFPDaemon): afp_disconnect: trying primary reconnect
Jun 30 10:16:17.630193 afpd[28467] {server_child.c:256} (note:Default): Reconnect: transferring session to child[91592]
Jun 30 10:16:17.630348 afpd[28467] {server_ipc.c:235} (note:AFPDaemon): Reconnect: killing new session child[87527] after transfer
Jun 30 10:16:17.630432 afpd[91592] {afp_dsi.c:188} (note:AFPDaemon): afp_dsi_transfer_session: succesfull primary reconnect
Jun 30 10:16:17.666003 afpd[91592] {dsi_stream.c:504} (error:DSI): dsi_stream_read: len:0, unexpected EOF
Jun 30 10:16:17.666039 afpd[91592] {dsi_stream.c:504} (error:DSI): dsi_stream_read: len:0, unexpected EOF
Jun 30 10:16:17.666069 afpd[91592] {dsi_stream.c:259} (note:DSI): dsi_disconnect: entering disconnected state
Jun 30 10:16:18.648471 afpd[87656] {auth.c:235} (note:AFPDaemon): Login by nobody (AFP3.4)
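
Added example (not part of the original notes): a shell/awk function that reads afpd.log and reports how long each session stayed up between "Login by" and the first "unexpected EOF" for the same afpd pid, plus a count of primary reconnect attempts. The sample lines are excerpted from the log above; the function names sample_log and afp_flap_report are hypothetical.

```shell
#!/bin/sh
# Added example: measure AFP session lifetime before the DSI stream drops,
# and count reconnect attempts, from netatalk afpd.log lines.

# Lines excerpted from the afpd.log shown above.
sample_log() {
cat <<'EOF'
Jun 30 10:14:59.317499 afpd[91592] {auth.c:235} (note:AFPDaemon): Login by nobody (AFP3.4)
Jun 30 10:16:17.463722 afpd[91592] {dsi_stream.c:504} (error:DSI): dsi_stream_read: len:0, unexpected EOF
Jun 30 10:16:17.626853 afpd[87527] {auth.c:235} (note:AFPDaemon): Login by nobody (AFP3.4)
Jun 30 10:16:17.629971 afpd[87527] {auth.c:536} (note:AFPDaemon): afp_disconnect: trying primary reconnect
Jun 30 10:16:17.666003 afpd[91592] {dsi_stream.c:504} (error:DSI): dsi_stream_read: len:0, unexpected EOF
Jun 30 10:16:18.648471 afpd[87656] {auth.c:235} (note:AFPDaemon): Login by nobody (AFP3.4)
EOF
}

# Reads afpd.log on stdin. Prints "pid=<pid> up_s=<seconds>" for the first
# unexpected EOF after each login, then one summary line.
afp_flap_report() {
awk '
# Convert HH:MM:SS.ffffff to seconds since midnight.
function secs(ts,   t) { split(ts, t, ":"); return t[1]*3600 + t[2]*60 + t[3] }
# Field 4 looks like afpd[91592]; keep only the digits.
{ pid = $4; gsub(/[^0-9]/, "", pid) }
/Login by/ { login[pid] = secs($3); seen[pid] = 1; logins++ }
/unexpected EOF/ {
    eofs++
    if (seen[pid]) {
        d = secs($3) - login[pid]
        if (d < 0) d += 86400      # session crossed midnight
        printf "pid=%s up_s=%d\n", pid, d
        seen[pid] = 0              # report only the first drop per login
    }
}
/afp_disconnect: trying primary reconnect/ { reconnects++ }
END { printf "logins=%d eofs=%d reconnects=%d\n", logins, eofs, reconnects }
'
}

# Run against the excerpt; on the jail use: afp_flap_report < afpd.log
sample_log | afp_flap_report
```

A login count that keeps climbing while up_s stays roughly constant is the signature of the reconnect loop described above.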

© 2024 Sharad Ahlawat
