[ { "path": "Dockerfile", "content": "FROM debian:jessie\nENV NETATALK_VERSION 3.1.11\n\nENV DEPS=\"build-essential libevent-dev libssl-dev libgcrypt11-dev libkrb5-dev libpam0g-dev libwrap0-dev libdb-dev libtdb-dev libmysqlclient-dev libavahi-client-dev libacl1-dev libldap2-dev libcrack2-dev systemtap-sdt-dev libdbus-1-dev libdbus-glib-1-dev libglib2.0-dev libtracker-sparql-1.0-dev libtracker-miner-1.0-dev file\"\nENV DEBIAN_FRONTEND=noninteractive\nRUN apt-get update \\\n && apt-get install \\\n --no-install-recommends \\\n --fix-missing \\\n --assume-yes \\\n $DEPS \\\n tracker \\\n avahi-daemon \\\n curl wget \\\n && wget \"http://ufpr.dl.sourceforge.net/project/netatalk/netatalk/${NETATALK_VERSION}/netatalk-${NETATALK_VERSION}.tar.gz\" \\\n && curl -SL \"http://ufpr.dl.sourceforge.net/project/netatalk/netatalk/${NETATALK_VERSION}/netatalk-${NETATALK_VERSION}.tar.gz\" | tar xvz\n\nWORKDIR netatalk-${NETATALK_VERSION}\n\nRUN ./configure \\\n --prefix=/usr \\\n --sysconfdir=/etc \\\n --with-init-style=debian-systemd \\\n --without-libevent \\\n --without-tdb \\\n --with-cracklib \\\n --enable-krbV-uam \\\n --with-pam-confdir=/etc/pam.d \\\n --with-dbus-sysconf-dir=/etc/dbus-1/system.d \\\n --with-tracker-pkgconfig-version=1.0 \\\n && make \\\n && make install \\\n && apt-get --quiet --yes purge --auto-remove \\\n $DEPS \\\n tracker-gui \\\n libgl1-mesa-dri \\\n && DEBIAN_FRONTEND=noninteractive apt-get install --yes \\\n libevent-2.0 \\\n libavahi-client3 \\\n libevent-core-2.0 \\\n libwrap0 \\\n libtdb1 \\\n libmysqlclient18 \\\n libcrack2 \\\n libdbus-glib-1-2 \\\n && apt-get --quiet --yes autoclean \\\n && apt-get --quiet --yes autoremove \\\n && apt-get --quiet --yes clean \\\n && rm -rf /netatalk* \\\n && rm -rf /usr/share/man \\\n && rm -rf /usr/share/doc \\\n && rm -rf /usr/share/icons \\\n && rm -rf /usr/share/poppler \\\n && rm -rf /usr/share/mime \\\n && rm -rf /usr/share/GeoIP \\\n && rm -rf /var/lib/apt/lists* \\\n && mkdir /media/share\n\nCOPY docker-entrypoint.sh /docker-entrypoint.sh\nCOPY afp.conf /etc/afp.conf\nENV DEBIAN_FRONTEND=newt\n\nCMD [\"/docker-entrypoint.sh\"]\n" }, { "path": "LICENSE", "content": "The MIT License (MIT)\n\nCopyright (c) 2014 Martin Aksel Jensen, 2015 Ragnar Rova\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n" }, { "path": "README.md", "content": "# Netatalk in a Docker container\n\nAn container serving [Apple Filing Protocol](https://en.wikipedia.org/wiki/Apple_Filing_Protocol) file sharing, Tracker (search/spotlight integration), and mDNS server for service discovery.\n\n## I'm in the fast lane! Get me started\n\nTo quickly get started with running an [Netatalk] container first you can run the following command:\n\n```bash\ndocker run --detach --publish 548:548 cptactionhank/netatalk:latest\n```\n\n**Important:** This does not announce the AFP service on the network; connecting to the server should be performed by Finder's `Go -> Connect Server (CMD+K)` and then typing `afp://[docker_host]`.\n\nDefault configuration of [Netatalk] has two share called _Share_ which shares the containers `/media/share` and called _TimeMachine_ which shares the containers `/media/timemachine` mounting point. Host mounting a volume to this path will be the quickest way to start sharing files on your network.\n\n```bash\ndocker run --detach --volume [host_path]:/media/share --volume [host_path]:/media/timemachine --publish 548:548 cptactionhank/netatalk:latest\n```\n\n## The slower road\n\nWith the slower roads documentation some knowledge in administering Docker and [Netatalk] assumed.\n\n### Configuring shares\n\nThere are two ways of configuring the [Netatalk] which is either by mounting a configuration file or editing the file from the container itself. Documentation of the configuration file `/etc/afp.conf` can be found [here](http://netatalk.sourceforge.net/3.1/htmldocs/afp.conf.5.html).\n\n#### Host mounted configuration\n\nThis is quite a simple way to change the configuration by supplying an additional docker flag when creating the container.\n\n```bash\ndocker run --detach --volume [host_path]:/etc/afp.conf --volume [host_path]:/media/share --volume [host_path]:/media/timemachine --publish 548:548 cptactionhank/netatalk:latest\n```\n\n#### Container edited configuration\n\nOther ways of enabling customizations of the [Netatalk] configuration file is by mounting the `/etc` by `--volume /etc` such that this directory will remain persistent between restarts and then modify the configuration file. However the first option would be the recommended way to do this.\n\n### Setting up access credentials\n\nTo setup access credentials you should supply the following environment variables from the table below.\n\n|Variable |Description|\n|---------------|-----------|\n|AFP_USER | create a user in the container and allow it access to /media/share |\n|AFP_PASSWORD | password\n|AFP_UID | _uid_ of the created user\n|AFP_GID | _gid_ of the created user\n\n#### Example\n\n```bash\ndocker run --detach \\\n --volume /mnt/sda1/share:/media/share \\\n --net \"host\" \\\n --env AFP_USER=$(id -un) \\\n --env AFP_PASSWORD=secret \\\n --env AFP_UID=$(id -u) \\\n --env AFP_GID=$(id -g) \\\n cptactionhank/netatalk:latest\n```\n\nThis replaces all occurrences of `%USER%` in `afp.conf` with `AFP_USER`\n\n```ini\n[Global]\nlog file = /var/log/netatalk.log\n\n[Share]\npath = /media/share\nvalid users = %USER%\n```\n\n### Service discovery\n\nThis image includes an avahi daemon which is off by default. Enable by setting the environment variable `AVAHI=1` with `docker run -e AVAHI=1 ...`\n\nService discovery works only when the [Avahi] daemon is on the same network as your users which is why you need to supply `--net=host` flag to Docker when creating the container, but do consider that `--net=host` is considered a security threat. Alternatively you can install and setup an mDNS server on the host and have this describing the AFP service for your container.\n\n## Acknowledgments\n\nThanks to @rrva for his work updating this image to [Netatalk] version 3.1.8 and slimming down this image for everyone to enjoy.\n\n## Contributions\n\nThis image has been created with the best intentions and an expert understanding of docker, but it should not be expected to be flawless. Should you be in the position to do so, I request that you help support this repository with best-practices and other additions.\n\nIf you see out of date documentation, lack of tests, etc., you can help out by either\n- creating an issue and opening a discussion, or\n- sending a pull request with modifications\n\nThis work is made possible with the great services from [Docker] and [GitHub].\n\n[Netatalk]: http://netatalk.sourceforge.net/\n[Docker]: https://www.docker.com/\n[GitHub]: https://www.github.com/\n[Avahi]: http://www.avahi.org/\n" }, { "path": "afp.conf", "content": "[Global]\n; output log entries to stdout instead of syslog\n; it is the docker way where the engine in turn\n; can direct the log output to a storage backend\nlog file = /dev/stdout\n\n; enable guest access as well as user accounts\nuam list = uams_guest.so uams_dhx2.so uams_dhx.so\n\n[Share]\npath = /media/share\n; when the environment variable `AFP_USER` is not\n; provided valid users list will be empty and\n; thus be available for both guests and\n; authenticated users\nvalid users = %USER%\n\n[Time Machine]\npath = /media/timemachine\ntime machine = yes\n\n" }, { "path": "docker-entrypoint.sh", "content": "#!/bin/bash\n\nif [ ! -z \"${AFP_USER}\" ]; then\n if [ ! -z \"${AFP_UID}\" ]; then\n cmd=\"$cmd --uid ${AFP_UID}\"\n fi\n if [ ! -z \"${AFP_GID}\" ]; then\n cmd=\"$cmd --gid ${AFP_GID}\"\n groupadd --gid ${AFP_GID} ${AFP_USER}\n fi\n adduser $cmd --no-create-home --disabled-password --gecos '' \"${AFP_USER}\"\n if [ ! -z \"${AFP_PASSWORD}\" ]; then\n echo \"${AFP_USER}:${AFP_PASSWORD}\" | chpasswd\n fi\nfi\n\nif [ ! -d /media/share ]; then\n mkdir /media/share\n echo \"use -v /my/dir/to/share:/media/share\" > readme.txt\nfi\nchown \"${AFP_USER}\" /media/share\n\nif [ ! -d /media/timemachine ]; then\n mkdir /media/timemachine\n echo \"use -v /my/dir/to/timemachine:/media/timemachine\" > readme.txt\nfi\nchown \"${AFP_USER}\" /media/timemachine\n\nsed -i'' -e \"s,%USER%,${AFP_USER:-},g\" /etc/afp.conf\n\necho ---begin-afp.conf--\ncat /etc/afp.conf\necho ---end---afp.conf--\n\nmkdir -p /var/run/dbus\nrm -f /var/run/dbus/pid\ndbus-daemon --system\nif [ \"${AVAHI}\" == \"1\" ]; then\n sed -i '/rlimit-nproc/d' /etc/avahi/avahi-daemon.conf\n avahi-daemon -D\nelse\n echo \"Skipping avahi daemon, enable with env variable AVAHI=1\"\nfi;\n\nexec netatalk -d\n" } ]