Install Server NFS
- update
sudo apt update
- install nfs server
sudo apt install nfs-kernal-server
- view if nfs ok
rpcinfo -p | grep nfs
- other ways view if ok
cat /proc/filesystems | grep nfs
- enable nfs-server start after restart
sudo systemctl enable nfs-server
- create folder
sudo mkdir /mnt/nfs
chown nobody:nogroup /mnt/nfs
- admin privilege on folder
sudo chmod -R 777 /mnt/nfs
- edit exports file
sudo nano /etc/exports
- The /etc/exports Options
| General Options | Description |
|---|---|
| secure | Requires request originate on secure ports, those less than 1024. This is on by default. |
| insecure | Turns off the secure option. |
| ro | Allows only read-only access. This is the default. |
| rw | Allows read/write access. |
| sync | Performs all writes when requested. This is the default. |
| async | Performs all writes when the server is ready. |
| no_wdelay | Performs writes immediately, not checking to see if they are related. |
| wdelay | Checks to see if writes are related, and, if so, waits to perform them together. Can degrade performance. This is the default. |
| hide | Automatically hides an exported directory that is the subdirectory of another exported directory. The subdirectory has to be explicitly mounted to be accessed. Mounting the parent directory does not allow access. This is the default. |
| no_hide | Does not hide an exported directory that is the subdirectory of another exported directory (opposite of hide). Only works for single hosts and can be unreliable. |
| subtree_check | Checks parent directories in a file system to validate an exported subdirectory. This is the default. |
| no_subtree_check | Does not check parent directories in a file system to validate an exported subdirectory. |
| insecure_locks | Does not require authentication of locking requests. Used for older NFS versions. |
| User ID Mapping | Description |
|---|---|
| all_squash | Maps all UIDs and GIDs to the anonymous user. Useful for NFS-exported public FTP directories, news spool directories, and so forth. |
| no_all_squash | The opposite option to all_squash. This is the default setting. |
| root_squash | Maps requests from remote root user to the anonymous UID/GID. This is the default. |
| no_root_squash | Turns off root squashing. Allows the root user to access as the remote root. |
| anonuid | |
| anongid | Sets explicitly the UID and GID of the anonymous account used for all_squash and root_squash options. The defaults are nobody and nogroup. |
exemple:
/var/nfs 127.0.0.1(rw,sync,no_subtree_check,check,crossmnt)
/var/nfs 192.168.1.0/24(rw,sync,no_subtree_check)
for all ip = 0.0.0.0/0 or *
var/nfs 192.168.1.0/24(rw,sync,all_squash,no_subtree_check,root_squash,anonuid=1001,anongid=1001)
iMPORTANT for update settings
exportfs -a
- restart systemctl
sudo systemctl restart nfs-server
FIREWALL
Need open ports 111 and 2049
sudo ufw allow 111
sudo ufw allow 2049
show client on server
showmount -e 10.20.1.36
export list for 10.20.3.36:
/mnt/nfs 10.20.1.56
### On Client
1. install client nfs common
sudo apt install nfs-common
2. mount (ip server) + (shared link) (to folder)
sudo mount 192.168.1.149:/mnt/nfs /mnt/
3. test if all ok
cd /mnt/
for always attach add to fstab service
sudo /etc/fstab