Time Machine backup to Windows host
- Introduction
- Selecting WSL version
- Install WSL and pick default version:
- Install Ubuntu and configure netatalk
- Service startup script
- Scheduling service startup
- Connecting from macOS and configuring Time Machine
- History
Introduction
Time Machine on macOS does not like windows hosts as targets, likely due to noncompliance to Time Machine over SMB Specification.
In this article, we’ll document the steps to create a compatible Time Machine target via AFP using netatalk
running under Ubuntu in WSL 2 or WSL 1
Selecting WSL version
While WSL 2 offers better compatibility by means of full Linux kernel running in VM (see https://docs.microsoft.com/en-us/windows/wsl/compare-versions), there are some issue which may make WSL 1 a better choice for our purposes, at least for now:
- WSL 2 consumes massive amounts of RAM and doesn’t return it. As a workaround, the amount of memory available to the VM can be limited, as described in the Advanced Configuration
- WSL 1 has better performance across file systems, which our use case might benefit from
Install WSL and pick default version:
In the new cmd session:
wsl --install
Reboot when prompted, relaunch the cmd and set the chosen WSL version as default:
wsl --set-default-version 2
or
wsl --set-default-version 1
For details and best practices please refere to the documentation https://docs.microsoft.com/en-us/windows/wsl/install
Install Ubuntu and configure netatalk
- Install the desired distribution (from https://aka.ms/wslstore or directly in the CMD):
wsl --list --online wsl --install -d ubuntu-20.04
- Unless the shell into the newly installed distribution has launched in a separate window – launch it by name. In this case,
ubuntu2004
(note, remove punctuation). You can also run the default simply by runningwsl
:wsl
-
After a while, a prompt to set up the username and password will appear. These credentials will be used to connect to AFP share from the Mac later. Proceed with configuring them and wait for the shell prompt to appear.
-
Optional. At this point I would get rid of all non-essential packages as described here https://askubuntu.com/questions/79665/keep-only-essential-packages. There is no reason to keep all the bloatware, including snapd and graphics drivers for our purposes.
- Start logging service (will be helpful for troubleshooting if anything goes wrong):
sudo service rsyslog start
Logs can be viewed by tailing
/var/log/syslog
- Update repositories and install
netatalk
:sudo apt update sudo apt -y upgrade sudo apt -y install netatalk
- Edit
/etc/netatalk/afp.conf
to configure paths to the folders to be shared. Windows disks are mounted under/mnt/
. For example, to share general purpose folder nameStorage
and another one dedicated to Time Machine namedTime Machine
located in the root of windows driveR:
add the following:[Storage] path = /mnt/r/Storage [Time Machine] path = '/mnt/r/Time Machine' time machine = yes
Note, if you later want to make changes to the file, restart netatalk with
sudo service netatalk restart
. - Allow starting the netatalk (and optionally logging) service without prompts. Edit
sudoers
file viasudo visudo
and add the following lines:%sudo ALL=(ALL) NOPASSWD: /usr/sbin/service netatalk start %sudo ALL=(ALL) NOPASSWD: /usr/sbin/service rsyslog start
- Start the service
sudo service netatalk start
- If Windows firewall prompted for access – click
Allow access
. Otherwise, add the rule manually:netsh advfirewall firewall add rule name="Allow AFP connections" dir=in action=allow protocol=TCP localport=548
Service startup script
WSL 2
WSL 2 runs in a separate internal network connected to an internal Hyper-V virtual switch named WSL. Unfortunately, it is not feasible to make it external without breaking everything around it, so we’ll instead create a port mapping. Consequently, mDNS/Bonjour won’t work to advertise AFP shares and Time Machine services, but that’s not a big deal: windows host supports mDNS, so we can connect to it directly in the finder via Command+K, afp://windows-host-name.local
.
To configure firewall to access the WSL instance, we will build on the excellent script shared here: https://github.com/microsoft/WSL/issues/4150#issuecomment-504209723
Additionally, it may be helpful to start the logging service as well, just to be able to troubleshoot any possible runtime issues with the netatalk in the future.
Create the script somewhere accessible, like c:\Scripts\wsl_startup.ps1
, with the following content:
$remoteport = bash.exe -c "hostname -I"
$found = $remoteport -match '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
if( $found ){
$remoteport = $matches[0];
} else{
echo "The Script Exited, the ip address of WSL 2 cannot be found";
exit;
}
iex "netsh interface portproxy add v4tov4 listenport=548 listenaddress=0.0.0.0 connectport=548 connectaddress=$remoteport";
wsl sudo service rsyslog start
wsl sudo service netatalk start
WSL 1
There is no need to configure port forwarding. Remove any existing forwards you might have created when playing with WSL 2 above:
netsh interface portproxy show v4tov4
netsh interface portproxy delete v4tov4 listenport=548 listenaddress=0.0.0.0
Create the script somewhere accessible, like c:\Scripts\wsl_startup.ps1
, with the following content:
wsl sudo service rsyslog start
wsl sudo service netatalk start
If logging is not needed and therefore the contents of the script condense to a single line it can be directly scheduled in the Task Scheduler (program name wsl
, arguments sudo service netatalk start
).
Scheduling service startup
Using Task Scheduler, create a new task to launch the script on each Windows start:
- search for
Task Scheduler
and launch it Action
→Create Task
General
:Name
: Pick something, e.g.AFP Startup
Security Options
: SelectRun whether user is logged on or not
Security Options
: CheckRun with highest privileges
Configure for
:Windows 10
Triggers
→New...
Begin the task
:At startup
Delay the task
:15 seconds
(just in case)- Press OK
Actions
→New...
Action
:Start a program
Program/script
:powershell.exe
Add arguments
:-ExecutionPolicy Unrestricted -File c:\Scripts\wsl_startup.ps1
- Press OK. Enter the administrator account credentials as requested.
To test the whole thing, including the scheduler item, restart windows host. Then on macOS, try to connect to it:
Connecting from macOS and configuring Time Machine
- Press
Command+K
in Finder, typeafp://windows-host-name.local
, press Enter. - Pick the Time Machine share and press OK.
- Now that is it mounted, go to
Time Machine
settings inSystem Preferences
, and clickSelect Disk
. Pick the available share from the list (named as configured inafpd.conf
above).
That’s pretty much it. The Time Machine from there on will be auto-mounting the share to perform the backup.
History
Dec 12, 2021 | initial publication |
Dec 14, 20201 | added WSL 1 specifics and simplified scripts |