jeremyn Posted November 16, 2021 Share Posted November 16, 2021 (edited) I'm a straight up newbie at creating Docker containers. However, I got frustrated at the removal of AFP from Unraid so after some hours of banging my head against the wall I was able to create an insanely basic netatalk docker for Unraid. (Docker experts could have created this in less than a minute, but like I said, I'm a total newbie and it took me a while to figure all this out). I don't want to publish it to CA, since it's about as simplistic as you can get, and it's completely insecure in its current form. This is because I could not figure out how to set up or pass through authentication from Unraid. That kind of thing is way over my head. I have my reasons why I need AFP over SMB, please don't argue I need to move on. I'm aware it's depreciated by both Apple and unraid. But I have reasons to use it on my unraid server. The reason for this post is three fold: 1) I know I'm not the only person to miss AFP in Unraid. So to those of you wondering if it's possible to get it working again, I can confirm it is. 2) I would love to make this Docker Container more secure, and I need help. 3) I'd love for somebody to take this over and even create a webUI for it. Hey I can dream! Rather than posting a completely insecure Docker to Community Applications, I'm posting the Docker Container XML here so people can make suggestions on how to make it more secure. Specifically how to pass the SMB and/or NFS user/group/folder permissions over to AFP. The irony is that this has all been figured out for years but was purged from unraid. So maybe its as simple as somebody posting how unraid integrated these in the past. Attached is the XML that will configure a docker that enables AFP access with full read/write access your mnt/user root to guest AFP users. (I told you it was insecure!) What I've learned so far, adding the command "--volume /mnt/user/appdata/netatalk/afp.conf:/etc/afp.conf" to Extra Parameters will override the default afp.conf with a custom afp.conf you can create in /appdata/netatalk And I was able to restrict users and do some other things in there, but I could never figure out how to properly authenticate, either to a password in the clear in that file, or better to the Unraid user name and password. The netatalk docker also has some authentication functionality, but I could not seem to figure out how to get that to work either. Please help. netatalk.xml Edited November 16, 2021 by jeremyn Quote Link to comment
jeremyn Posted November 19, 2021 Author Share Posted November 19, 2021 Nobody interested huh? I guess I was wrong about #1, and I'm the only person left that cares about AFP. I really wish I understood the authentication stuff better and I'd do this myself. Quote Link to comment
trurl Posted November 19, 2021 Share Posted November 19, 2021 Why are you doing volume mapping with ExtraParams? Quote Link to comment
jeremyn Posted November 20, 2021 Author Share Posted November 20, 2021 (edited) Because I couldn't figure out any other way to do it. Edited November 20, 2021 by jeremyn Quote Link to comment
trurl Posted November 20, 2021 Share Posted November 20, 2021 Do you use any other dockers? Quote Link to comment
jeremyn Posted November 23, 2021 Author Share Posted November 23, 2021 Yes I have quite a few Dockers. Quote Link to comment
trurl Posted November 23, 2021 Share Posted November 23, 2021 Look at any of their templates for how volume mapping is usually done. Quote Link to comment
jeremyn Posted November 25, 2021 Author Share Posted November 25, 2021 (edited) I did that, but I can't seem to translate that over to how the netatalk docker works. But again, most of this is way over my head. And volume mapping isn't my biggest problem, it's permissions. I need to figure out how to honor a login and password. As it sits, only guest works and it's wide open. Edited November 25, 2021 by jeremyn Quote Link to comment
jeremyn Posted November 28, 2021 Author Share Posted November 28, 2021 (edited) With regards to the performance of AFP/Netatalk vs SMB. I'm shocked how much better the overall experience of AFP is compared to SMB. I'm connected to my server via 10Gb ethernet, and the throughput of a single transaction (copying a large single file for example) once established, is slightly faster on SMB, but everything else is SO laggy on SMB. Specifically opening directories, or working with a lot of small files. I just did a test: I tried copying a single steam game with 6,660 files inside total file size 37GB from internal SSD to SMB share and AFP share. The SMB estimate was 3 days (each file takes about 20 sec to get started, then goes relatively fast, rinse-repeat 6,600 times). AFP was able to copy the same folder from the same source to the same destination in 14 min. Edited November 28, 2021 by jeremyn 1 Quote Link to comment
CS01-HS Posted November 28, 2021 Share Posted November 28, 2021 (edited) Apple began AFP deprecation in 2013 and still haven't removed it I assume because they realize their SMB implementation's lacking. I wish unRAID would re-add AFP support but admittedly I don't know how much work's required to maintain it. Edited November 28, 2021 by CS01-HS 1 Quote Link to comment
PicPoc Posted January 20, 2022 Share Posted January 20, 2022 Nice Idea, but I don't know how this works !!!!!!! Does your system is ok now ? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.