NFS

Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems (Sun) in 1984,[1] allowing a user on a client computer to access files over a computer network much like local storage is accessed. NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call (ONC RPC) system. NFS is an open IETF standard.1

  • Modern version is NFSv4
  • Specifically designed for Unix systems
  • Locations served by the NFS server are referred to as exports
  • Exports are defined in the /etc/exports file, which is used by exportfs to give information to mountd
/etc/exports
/volume1/proxmox_backups \
  192.168.1.130(rw,async,no_wdelay,crossmnt,insecure,all_squash,insecure_locks,sec=sys,anonuid=1024,anongid=100) \
  192.168.1.131(rw,async,no_wdelay,crossmnt,insecure,all_squash,insecure_locks,sec=sys,anonuid=1024,anongid=100)

Each line contains an export point and a whitespace-separated list of clients allowed to mount the file system at that point. Each listed client may be immediately followed by a parenthesized, comma-separated list of export options for that client. No whitespace is permitted between a client and its option list.

Long /etc/exports entries can be broken up across multiple lines with a trailing backslash, as in the example above.

User ID Mapping2

nfsd bases its access control to files on the server machine on the uid and gid provided in each NFS RPC request. The normal behavior a user would expect is that she can access her files on the server just as she would on a normal file system. This requires that the same uids and gids are used on the client and the server machine. This is not always true, nor is it always desirable.

Very often, it is not desirable that the root user on a client machine is also treated as root when accessing files on the NFS server. To this end, uid 0 is normally mapped to a different id: the so-called anonymous or nobody uid. This mode of operation (called 'root squashing') is the default, and can be turned off with no_root_squash.

By default, exportfs chooses a uid and gid of 65534 for squashed access. These values can also be overridden by the anonuid and anongid options. Finally, you can map all user requests to the anonymous uid by specifying the all_squash option.

root_squash
Map requests from uid/gid 0 to the anonymous uid/gid. Note that this does not apply to any other uids or gids that might be equally sensitive, such as user bin or group staff.
no_root_squash
Turn off root squashing. This option is mainly useful for diskless clients.
all_squash
Map all uids and gids to the anonymous user. Useful for NFS-exported public FTP directories, news spool directories, etc. The opposite option is no_all_squash, which is the default setting.
anonuid and anongid
These options explicitly set the uid and gid of the anonymous account. This option is primarily useful for PC/NFS clients, where you might want all requests to appear to be from one user. As an example, consider the export entry for /home/joe in the example section below, which maps all requests to uid 150 (which is supposedly that of user joe).
Apply changes to /etc/exports
sudo exportfs -ra
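
The export format and squash rules described above, as an added example that is not part of the original notes: a small Python auditor that parses exports text (including backslash continuations and the no-whitespace rule) and works out which uid the server applies under each option list. The function names and the two sample lines marked constructed are assumptions, the meaning of insecure is taken from exports(5), and quoted paths and "-" default-option lines are not handled.

```python
import re

ANON_DEFAULT = 65534  # exportfs default uid/gid for squashed access

def parse_exports(text):
    """Yield (export_point, client, options); a bare "(opts)" token means any host."""
    joined = re.sub(r"\\[ \t]*\n", " ", text)  # join backslash-continued lines
    lines = (l.split("#", 1)[0].split() for l in joined.splitlines())  # drop comments
    for point, *clients in filter(None, lines):  # skip blank lines
        for spec in clients:
            m = re.fullmatch(r"([^()]*)(?:\(([^()]*)\))?", spec)
            if not m:
                raise ValueError(f"malformed client spec: {spec!r}")
            opts = {}
            for item in filter(None, (m.group(2) or "").split(",")):
                key, _, value = item.partition("=")
                opts[key] = value or True
            yield point, m.group(1) or "*", opts

def effective_uid(opts, client_uid):
    """Uid the server applies to a request that carries client_uid."""
    anon = int(opts.get("anonuid", ANON_DEFAULT))
    squash_root = client_uid == 0 and "no_root_squash" not in opts  # default on
    return anon if "all_squash" in opts or squash_root else client_uid

def audit(text):
    """Return (export_point, client, finding) tuples for weakened settings."""
    out = []
    for point, client, opts in parse_exports(text):
        if effective_uid(opts, 0) == 0:
            out.append((point, client, "root on client maps to uid 0 on server"))
        if "insecure" in opts:  # exports(5): lifts the source port < 1024 check
            out.append((point, client, "source ports >= 1024 accepted"))
        if "*" in client:
            out.append((point, client, "export matches a wildcard or any host"))
    return out

# Constructed sample: the page's entry (shortened) plus two constructed lines.
SAMPLE = """\
/volume1/proxmox_backups \\
  192.168.1.130(rw,insecure,all_squash,sec=sys,anonuid=1024,anongid=100)
/srv/build  10.0.0.5(rw,no_root_squash)   # constructed
/home/joe   10.0.0.9 (rw)                 # constructed: stray space before options
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The last sample line shows why no whitespace is permitted between a client and its option list: 10.0.0.9 gets default options and the detached (rw) applies to every host.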

Synology NFS Shares

/etc/fstab
john-nas:/volume1/restic  /mnt/nfs/restic  nfs  nofail,_netdev,x-systemd.automount,x-systemd.idle-timeout=600,timeo=14,retrans=3,hard,tcp,nfsvers=3  0  0
/etc/fstab options explained
nofail
Do not report errors for this device if it does not exist. Prevents boot failures if the NFS server is unavailable.
_netdev
Indicates that the filesystem resides on a device that requires network access. Ensures the mount happens after the network is available.
x-systemd.automount
Creates an automount unit that mounts the filesystem on first access rather than at boot time.
x-systemd.idle-timeout=600
Automatically unmount the filesystem after 600 seconds (10 minutes) of inactivity.
timeo=14
Time in deciseconds (tenths of a second) that the client waits for a response before retrying an NFS request. 14 = 1.4 seconds.
retrans=3
Number of times to retry an NFS request before reporting an error (3 retries).
hard
If the NFS server is unavailable, the NFS request will be retried indefinitely until the server responds. Opposite of soft.
tcp
Use TCP for NFS communication instead of UDP. More reliable for unstable networks.
nfsvers=3
Use NFS protocol version 3. Specifies the NFS version to use for mounting.