I am running a Debian server using NFSv4 (only v4). The only expected clients are on Linux as well. I am primarilly accessing the fileserver by mounting it in fstab and using a file explorer.
My exports file contains entries like this:
/data/jellyfin client-hostname(rw,all_squash,anonuid=130,anongid=1002,no_subtree_check,sync)
Where uid 130 is user nfs and gid 1002 is group hdd-data.
The idea, then, is that the user doesn't matter, what matters is that multiple services belonging to the group hdd-data can all access and modify the files.
I can upload movies to jellyfin via nfs, jellyfin can put metadata into those folders, and then I can even browse and move those files with a third, browser-based client. All of the services use system users that rely on having read+write permissions from hdd-data. This is the idea for more than just jellyfin.
However, when copy over or create a new file/dir, the permissions end up like so:
drwxr-xr-x - nfs hdd-data 31 May 15:06 test-dir
.rw-r--r-- 0 nfs hdd-data 31 May 15:07 test-file.txt
I would like the group write permissions to automatically be set for both files and directories. What is the best approach to achieving this?
Do I have to create and configure a group on every client machine in some specific way?
Should I be setting default ACL's on all of the host's /data folders?
Magical third way?