Orange Pi as Time Machine Server

Orange Pi as Time Machine Server

One of my projects has been to organize automated backups of the various computers in the house.  This includes a couple Macs with some precious data on them.  So, I decided to put my inexpensive Orange Pi with Armbian Linux to the test, with the goal of getting Time Machine working over the network to a USB drive attached to the pi board.  That being the case, I discovered and successfully installed Netatalk.

Netatalk is open source software that acts as an Apple file server.  With a combination of Avahi and Netatalk running, your Mac can discover your pi board on the network and will even consider it to be a “Mac” type device.  This enables you to connect manually to the network drive but more importantly it enables Time Machine to find and use the remote drive.  The below guidance may help if you if you wish to set up a similar backup capability for your Macs.


To set up the USB drive, I first experimented with an HFS+ formatted file system.  Unfortunately, I could never get write permissions working.  So, I opted instead to create an EXT4 filesystem and ensured that my user “pi” had read/write permissions.  There are many ways to format a drive but my preferred (and recommended) method is to use gparted whenever possible.  Since gparted is included with the Armbian desktop, that I what I used.

I wanted this drive to be automatically mounted to the same location every time the pi board boots or the USB drive is connected.  So, I created a location for it to be mounted, made a “tm” directory for the actual backups, and changed the ownership of “tm” to user pi:

cd /mnt
sudo mkdir timemachine
cd timemachine
sudo mkdir tm
sudo chown pi:pi tm

Then I opened a terminal and edited /etc/fstab…

sudo nano /etc/fstab

…and added a line at the end for the device  (in my case, is it sdc2):

/dev/sdc2 /mnt/timemachine ext4 rw,user,exec 0 0

You will need to install some prerequisites packages via command line, some of which may already be installed on your system:

sudo apt-get install build-essential libevent-dev libssl-dev libgcrypt11-dev libkrb5-dev libpam0g-dev libwrap0-dev libdb-dev libtdb-dev libmysqlclient-dev avahi-daemon libavahi-client-dev libacl1-dev libldap2-dev libcrack2-dev systemtap-sdt-dev libdbus-1-dev libdbus-glib-1-dev libglib2.0-dev libio-socket-inet6-perl tracker libtracker-sparql-1.0-dev libtracker-miner-1.0-dev hfsprogs hfsutils avahi-daemon

Install & Configure Netatalk

The next action is to download Netatalk, extract the downloaded archive file, and navigate to the Netatalk software directory:

tar xvf netatalk-3.1.10.tar.bz2
cd netatalk-3.1.10

Now you need to configure, make, and make install the software.  In the netatalk-3.1.10 directory, run the following configure command and be prepared for it to take a bit of time:

./configure --with-init-style=debian-systemd --without-libevent --without-tdb --with-cracklib --enable-krbV-uam --with-pam-confdir=/etc/pam.d --with-dbus-daemon=/usr/bin/dbus-daemon --with-dbus-sysconf-dir=/etc/dbus-1/system.d --with-tracker-pkgconfig-version=1.0

When that finishes, run:


Be prepared for this to take a rather long time to complete.  Seriously, grab a cup of coffee or something.  When that is finally done, run the following command:

sudo make install

That should complete in a brief moment.  Now you can verify installation and also find the location of configuration files with the following two commands:

sudo netatalk -V
sudo afpd -V

You will need to edit your afp.conf file so that your time machine backup location is defined, your user account has access to it, and to specify whether or not you want Spotlight to index your backups.

sudo nano /usr/local/etc/afp.conf

As an example, my afp.conf includes the following:

[My Time Machine Volume]
path = /mnt/timemachine/tm
valid users = pi
time machine = yes
spotlight = no

Finally, enable and start up Avahi and Netatalk:

sudo systemctl enable avahi-daemon
sudo systemctl enable netatalk
sudo systemctl start avahi-daemon
sudo systemctl start netatalk

Connecting to the Network Drive

At this point, your Mac may have already discovered your pi board and network drive. Open Finder on the Mac and see if you have something like this:

You can also connect to the server by host name or IP address, for example:


Time Machine Backup

And at last…open Time Machine on the Mac, and select disk, and choose your Orange Pi.

This set up will definitely work and the Orange Pi handles the process like a champ, but keep in mind this may not be the fastest of backups.  But it is easy, inexpensive, and ‘just works’ like it should.  If you have success or improvements for this type of set up, please comment below or send me a note.

Orange Pi boards are available at Amazon (affiliate links):



VPN/iptables:  Jonas provided the following feedback and it is shared here is case you run into the same issue.  Thanks Jonas!

I had some problems with an assert firing when I try to start the avahi-daemon. Turns out, it was because I was rejecting all traffic not going through a permanent VPN connection.

The solution was to add an iptables rule opening port 5353 for the mDNS before rejecting packets:

sudo iptables -A INPUT -p udp -s x.y.z.0/24 --dport 5353 -j ACCEPT

replacing xyz with your local subnet (usually 192.168.)

resulting in following ruleset:

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere <vpn server address>
ACCEPT all -- anywhere loopback/8
ACCEPT udp -- x.y.z.0/24 anywhere udp dpt:mdns <-- important
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable


Make error:

If you get an error at the ‘make’ stage having to do with libatalk/acl, try this:

cd libatalk/acl
make clean

Then return to the netatalk directory do a ‘make’ command again.