A lightweight, secure NFS server implementation in Rust, supporting NFSv3 protocol with TCP transport.
- Features
- Quick Start
- Prerequisites
- Building from Source
- Running the Server
- Configuration
- Deploy with Docker
- Client Setup
- Testing
- Troubleshooting
- Security Considerations
- License
- Acknowledgments
- NFSv3 protocol support
- TCP transport
- Secure non-root execution
- Docker containerization
- Data persistence
- Minimal resource footprint
# Clone repository (replace with actual repository URL)
git clone https://github.com/username/nfs-server.git
> Replace `username` with your actual GitHub username or organization.
cd nfs-server
# Build and run
cargo run --example nfs_server
# In another terminal, mount the share
mount -t nfs -o nolocks,vers=3,tcp,port=2049 localhost:/ /mnt/nfs-share# Build image
docker build -t nfs-server .
# Run container
# Create data directory first to avoid permission issues
mkdir -p ./data
docker run -d -p 2049:2049 -v ./data:/nfs/data --name nfs-server nfs-server
# Mount the share
mount -t nfs -o nolocks,vers=3,tcp,port=2049 localhost:/ /mnt/nfs-share- Rust 1.74.0 or higher
- Cargo (Rust package manager)
- Docker (optional, for container deployment)
- NFS client utilities (for testing)
git clone https://github.com/yourusername/nfs-server.git
cd nfs-server# Build in release mode
cargo build --release
# Run the server directly
cargo run --example nfs_serverAfter building the project, you can run the NFS server using either Cargo or the compiled binary.
# Using cargo
cargo run --example nfs_server
# Using the compiled binary
./target/release/examples/nfs_serverThe server can be configured through environment variables or command-line arguments.
NFS_PORT: Set custom port (default: 2049)DATA_DIRECTORY: Set data storage path (default: ./data)LOG_LEVEL: Set logging level (default: info, options: trace, debug, info, warn, error)MAX_CONNECTIONS: Set maximum concurrent connections (default: 100)
LOG_LEVEL=debug NFS_PORT=3049 cargo run --example nfs_serverLOG_LEVEL=warn MAX_CONNECTIONS=500 DATA_DIRECTORY=/var/nfs/data ./target/release/examples/nfs_serverNote: The server currently supports environment variable configuration only. Command-line arguments may be added in future releases.
docker build -t nfs-server .docker run -d -p 2049:2049 --name nfs-server -v ./data:/nfs/data nfs-server-v ./data:/nfs/data: Mounts the local data directory to the container for data persistence-p 2049:2049: Maps the default NFS service port- Optimized Docker image features: smaller size, non-root user execution, security hardening
To access the NFS server from a client machine, use the following command:
mount -t nfs -o nolocks,vers=3,tcp,port=2049,mountport=2049,soft <server-ip>:/ /mnt/nfs-share- Linux: Native support through
nfs-commonpackagesudo apt-get install nfs-common # Debian/Ubuntu sudo yum install nfs-utils # RHEL/CentOS
- macOS: Native support with
mount_nfssudo mount_nfs -o vers=3,tcp localhost:/ /mnt/nfs-share
- Windows: Requires NFS client feature enabled or third-party software
# Enable NFS client feature Enable-WindowsOptionalFeature -FeatureName ServicesForNFS-ClientOnly, ClientForNFS-Infrastructure -Online # Mount share mount -o nolocks,vers=3,tcp \\localhost\mnt\nfs-share Z:\
vers=3: Use NFS version 3 protocoltcp: Use TCP transport (recommended for reliability)port=2049: NFS service portmountport=2049: Mountd portnolocks: Disable file lockingsoft: Use soft mount (fail quickly if server unavailable)
After mounting, verify with:
mount | grep nfs
# Should show your mounted share
# Create a test file
touch /mnt/nfs-share/testfile.txt
ls -l /mnt/nfs-share/testfile.txtVerify the server is running correctly:
# Check if server is listening on port 2049
# For Linux
netstat -tulpn | grep 2049
# Or alternatively
ss -tulpn | grep 2049
# For macOS
lsof -i :2049
# For Windows
netstat -ano | findstr :2049
# View server logs
# (If using systemd or similar service manager)
journalctl -u nfs-serverTest read/write performance with dd:
# Write test
dd if=/dev/zero of=/mnt/nfs-share/test bs=1M count=100 oflag=direct
# Read test
dd if=/mnt/nfs-share/test of=/dev/null bs=1M count=100 iflag=direct- Mount Failures: Verify NFS client utilities are installed (
nfs-commonon Debian/Ubuntu,nfs-utilson RHEL/CentOS) - Permission Denied: Check directory permissions on server and client
- Performance Issues: Consider adjusting TCP buffer sizes or using hard mounts
- Data Corruption: Never use soft mounts for critical data
- Mount Failures: Verify NFS client utilities are installed (
nfs-commonon Debian/Ubuntu) - Permission Denied: Check directory permissions on server and client
- Performance Issues: Consider adjusting TCP buffer sizes or using hard mounts
# Enable verbose output on client
mount -t nfs -v -o vers=3,tcp <server-ip>:/ /mnt/nfs-share
# Check server logs
RUST_LOG=debug cargo run --example nfs_server- Non-root Execution: The server is designed to run as an unprivileged user for enhanced security
- Network Security: Always use a firewall to restrict access to the NFS port
- Data Protection: Consider using encryption for sensitive data (NFS itself doesn't provide encryption)
- Mount Restrictions: Limit NFS mounts to trusted clients only
- Regular Updates: Keep the server and dependencies updated for security patches
This project is licensed under the MIT License. See the LICENSE file for details.
- Only NFSv3 protocol is supported
- Limited to TCP transport (UDP not supported)
- Basic file operations only (some advanced features may be missing)
- Add NFSv4 protocol support
- Implement UDP transport option
- Add command-line argument configuration
- Enhanced logging and monitoring
- Rust NFS protocol implementation
- Docker for containerization support
- The Rust community for excellent libraries