In Portainer, create a new container and give it a name and use debian:latest for the image. Map the following ports:
- FTP tcp port 21
- Samba tcp ports 139 & 445
- NFS tcp/udp port 2049
- TFTP udp port 69
- Webmin tcp port 10000
In the Advanced Container Settings under Commands and Logging add the command:
/bin/bash -l
Also select the Interactive & TTY (-i -t) console.
Now click on Volumes and add your volume bind mounts. Make sure to also include the following bind mounts:
Host -> Container /volume1/home -> /home rw /volume1/tftpboot -> /export/tftpboot rw /lib/modules -> /lib/modules ro
Then click on Env and add LANG for the name and C.UTF-8 for the value. Also, click on Restart Policy and choose Unless stopped. And lastly, enable ‘Privaliged Mode’ under Runtime & resources.
Now click on the Deplay the Container button. If the container built successfully then you should be able to access the Exec Console. Run the following commands to install Webmin:
# passwd root # apt update # apt install curl net-tools systemctl nano nfs-kernel-server samba tftpd-hpa # curl -o webmin-setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repos.sh # sh webmin-setup-repos.sh # apt-get install webmin --install-recommends
Now you should be able to log into Webmin at https://localhost:10000.
To setup the TFTP server, enter the following command to create a home folder:
# mkdir /volume1/home
Now modify /etc/default/tftpd-hpa to the following:
TFTP_USERNAME="tftp" TFTP_DIRECTORY="/volume1/tftpboot" TFTP_ADDRESS=":69" TFTP_OPTIONS="--secure --create"
Also, add the following lines to your /etc/exports file:
# NFSv4 – pseudo filesystem root /export/tftpboot 192.168.1.0/255.255.255.0(async,rw,insecure,no_root_squash,fsid=0)
Then apply the changes with the following:
$ exportfs -ra
You will need to create a folder called tftpboot on the bind mount in Docker and change the owner and group for it to tftp. Once this is done, go ahead and enable and restart the tftpd-hpa service like so:
# systemctl enable tftpd-hpa # systemctl start tftpd-hpa
See Network Booting Raspbian Lite to a Raspberry Pi 4 from a Synology NAS or Network Booting LibreElec to Raspberry Pi’s from a Synology NAS for more help on setting up a TFTP server.
Now we are going to enable only NFSv4 or higher. Let’s start by setting the following variables in /etc/default/nfs-common:
NEED_STATD="no" NEED_IDMAPD="yes"
We will also need to set the following variables in /etc/default/nfs-kernel-server:
RPCNFSDOPTS="-N 2 -N 3" RPCMOUNTDOPTS="--manage-gids -N 2 -N 3"
Please note that RPCNFSDOPTS is not present by default, and needs to be added.
Additionally, rpcbind is not strictly needed by NFSv4 but will be started as a prerequisite by nfs-server.service. This can be prevented by masking rpcbind.service and rpcbind.socket.
sudo systemctl mask rpcbind.service sudo systemctl mask rpcbind.socket
NFSv4 only requires a single port (TCP/UDP 2049) and does not require the portmap service to be installed.
By default, NFS will listen for connections on all ports. To only listen for NFS(v4) connections on a particular IP address, add the -H option to RPCNFSDOPTS in /etc/default/nfs-kernel-server:
RPCNFSDOPTS="-N 2 -N 3 -H 192.168.1.10"
Now run the following commands to enable and start the NFS server:
# systemctl enable rpcbind # systemctl start rpcbind # systemctl enable nfs-common # systemctl start nfs-common # systemctl enable portmap # systemctl start portmap # systemctl enable nfs-kernel-server # systemctl start nfs-kernel-server
Now you should be able to create an NFS mount using the following commands:
$ mkdir /tmp/tftpboot $ sudo mount -t nfs4 192.168.1.10:/ /tmp/tftpboot
Sources