Learn more about deploying an unRAID NFS Server from our experts. Our NFS Support team is here to help you with your questions and concerns.

Deploying an unRAID NFS Server

NFS is a popular protocol for sharing files across Unix and Linux systems. Today we are going to take a look at how to set up an unRAID NFS server and deploy it behind a firewall or access control list (ACL).

How to Enabling NFS on unRAID

1. First, we have to log in to our unRAID server’s web interface.
2. Then, head to NFS under Settings.
3. Next, we have to find the option for Enable NFS and set it to Yes.
4. Now, click Apply and save the changes.

Setting Up NFS Shares

1. Now, head to Shares in the unRAID web interface.
2. Then, choose the user share we want to export via NFS by clicking on it.
3. Next, we have to set Export to Yes in the NFS Security Settings section, and set Export to Yes.

How to Deploy an unRAID NFS Server Behind a Firewall

Although most users do not need to deploy an NFS server behind a firewall or ACL, it can be necessary in some situations.

In networks exposed to potential threats, we have to isolate these networks from the rest of the network using ACLs or firewalls.

This isolated network is known as a DMZ. The primary security measure is to create firewall/ACL rules that allow only essential traffic and block everything else by default.

Suppose we want our DMZ servers to back up specific files to our unRAID server using NFS. Then, we must permit NFS traffic through the ACL to our unRAID server.

However, NFS listening ports are randomly assigned by default. Hence, we have to configure static NFS server ports on unRAID for predictable, manageable port assignments.

How to Set Up Static NFS Server Ports

In order to set up static NFS server ports, we need to install the User Scripts plugin on unRAID.

Then, we have to create a new script with the following code:

#!/bin/bash
DEFAULT_RPC="/etc/default/rpc"
STATD_PORT=32766
LOCKD_PORT=32768
RC_NFSD="/etc/rc.d/rc.nfsd"
MOUNTD_PORT=32767
nfs_config() (
set -euo pipefail
sed -i '
s/^#RPC_STATD_PORT=.*/RPC_STATD_PORT='$STATD_PORT'/;
s/^#LOCKD_TCP_PORT=.*/LOCKD_TCP_PORT='$LOCKD_PORT'/;
s/^#LOCKD_UDP_PORT=.*/LOCKD_UDP_PORT='$LOCKD_PORT'/;
' ${DEFAULT_RPC}
sed -i '
s/^\s\{4\}\/usr\/sbin\/rpc\.mountd$/ \/usr\/sbin\/rpc\.mountd -p '$MOUNTD_PORT'/;
/if \[ \-x \/usr\/sbin\/rpc.mountd \]/ i RPC_MOUNTD_PORT='$MOUNTD_PORT';
' ${RC_NFSD}
/etc/rc.d/rc.rpc restart
sleep 1
/etc/rc.d/rc.nfsd restart
)
nfs_config
if [[ $? -ne 0 ]]; then
/usr/local/emhttp/webGui/scripts/notify -i warning -s "NFS config failed"
fi

After creating the script, we have to set it to run at the startup of the array using the User Scripts plugin.

This script assigns static ports for our unRAID NFS server. These are the ports we need to permit through our ACL or firewall.

How to Permit NFS Ports Through Firewall/ACL

The exact configuration for permitting NFS ports depends on our specific firewall application. However, the goal is to allow traffic with a destination of our unRAID server’s IP address on ports 111, 2049, and the range 32766-32768.

Let us know in the comments if you need any further help with setting up an NFS server on your unRAID server to improve your network file-sharing capabilities.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Techs demonstrated how to deploy an unRAID NFS Server.