Building a FreeBSD backup server

In order to backup my Linux and Mac OS X boxes I set up a FreeBSD server running Netatalk and rsync as daemon. Netatalk plays nicely with Time Machine on the Macs, while rsyncd handles all files sent from my Linux box. This is a home setup, so I want things to be easy and didn't install BackupPC, Bacula, or such. And since my backup server runs inside a virtual machine, I chose good old UFS2 over ZFS after some testing. Interestingly, ZFS (gzip) compression saved more free space (overall ratio was about 1.6:1 of real data to compressed data) than deduplication (benefit was just 1.05:1).

That's all! Neither a fancy avahi nor netatalk configuration is needed. On your Mac open the Time Machine preferences, and click on Add or Remove Backup Disk. Under Available Disks you can select the volume exported by your backup server. If you do so, you will be asked for the tm user's password.
On my Linux box I use a simple shell script to backup my workstation:

#!/bin/sh

rsync -avAHS --del --progress --exclude=/dev --exclude=/media --exclude=/mnt \
	--exclude=/proc --exclude=/run --exclude=/sys --exclude=/tmp \
	--exclude=/usr/portage --exclude=/var/lib/nfs/rpc_pipefs \
	--exclude=/var/tmp --exclude=/var/run \
	/ rsync://backup/linux/
While Time Machine creates historical backups, I created a simple cron job on the backup server to snapshot the rsync area:
#!/bin/sh

today=`date +%a`
rm -f "/backup2/.snap/$today"
mksnap_ffs "/backup2/.snap/$today"

Time Machine with Samba on ZFS

Starting with Mac OS X 10.12, Time Machine over SMB is supported. Hence, I replaced Netatalk with Samba, and also moved the backup volumes to a ZFS filesystem on a FreeBSD 12 box.

  1. I recommend a dedicated filesystem for /timemachine (assuming that your ZFS pool is named zroot):
    # zfs create -o mountpoint=/timemachine zroot/timemachine
    
  2. Install Samba 4.8:
    # make -C /usr/ports/net/samba48 install clean
    
    I just selected these options:
  3. Recent versions of Samba ship with a virtual file system module named fruit which simplifies our configuration. My /usr/local/etc/smb4.conf looks like this:
    [global]
    	workgroup = WORKGROUP
    	security = user
    	netbios name = backup
    	server string = backup.your-local-domain.invalid
    	hostname lookups = yes
    
    	load printers = no
    	show add printer wizard = no
    	time server = yes
    	map to guest = Bad User
    	use mmap = yes
    
    	dos charset = 850
    	unix charset = UTF-8
    	mangled names = no
    
    	log level = 0
    	vfs objects = fruit streams_xattr zfsacl
    
    	fruit:model = MacPro
    	fruit:resource = file
    	fruit:metadata = netatalk
    
    ; time machines
    [macbook]
    	path = /timemachine/macbook
    	read only = no
    	use sendfile = yes
    	browseable = no
    	hosts allow = macbook.your-local-domain.invalid fe80::/10
    	fruit:time machine = yes
    	fruit:time machine max size = 500G
    	valid users = tm
    
  4. Add the system user tm to Samba, and enable that user:
    # smbpasswd -a tm
    New SMB password: <enter a secure password>
    Retype new SMB password: <repeat that secure password>
    # smbpasswd -e tm
    
    Please note that Samba password for the user tm and its system password are not synchronized, and thus can be different.
  5. Stop and disable Netatalk, and enable and start Samba:
    # service netatalk stop
    # service netatalk disable
    # service samba_server enable
    # service samba_server start
    
  6. Now remove the former, Netatalk based backup target from the System Preferences dialog, and add the new Samba based target.