[Nix-dev] Encrypted boot, encrypted root on zfs setup. Problem with root unlocking.
Tomasz Czyż
tomasz.czyz at gmail.com
Sat Aug 29 17:59:00 CEST 2015
Hi,
Yesterday I've set up nix for the first time. Awesome project!
I was struggling with ubuntu/debian to set up encrypted boot partition, but
here worked with first boot! Nice stuff!
But I've problem with mounting root partition at this stage.
My setup
--------------------------------------------
| BOOT | ROOT |
--------------------------------------------
| ext4 | zfs |
--------------------------------------------
| enc_boot | enc_root1, enc_root2, ... |
--------------------------------------------
| md_boot | sda3, sdb3, sdc3, sdd3 |
--------------------------------------------
| sda2, sdb2...|
----------------
So, boot is on encrypted partition on top of RAID1 (mdadm). There is a file
root.key to unlock 4 root partitions.
Root is a ZFS system, on top of 4 encrypted volumes, crypted with root.key
(which is on boot partition).
Working part:
During the boot, I'm asked about the password to boot partition, and boot
partition is unlocked.
Not working part:
After unlocking boot and loading initrd there is a problem, zfs defined in
config (with UUID) cannot be found or mounted – because 4 root partitions
are not unlocked.
In configuration.nix I've added bootloader directive
boot.initrd.postMountCommands = "cryptsetup luksOpen --key-file
/mnt-root/boot/root.key /dev/sda3 root1; cryptsetup luksOpen
--key-file /mnt/root/boot/root.key /dev/sdb3 root2.......";
but this part is not working. I cannot access root.key, probably boot
partition is not mounted there. I don't know how to activate shell there to
investigate stuff.
Do you know by any chance how I can automatically unlock other partitions
from boot partitions and mount zfs after that?
Cheers,
Tomasz Czyż
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150829/a7c49663/attachment.html
More information about the nix-dev
mailing list