X-Original-To: alpine-user@lists.alpinelinux.org Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) by lists.alpinelinux.org (Postfix) with ESMTP id 1E4E35C55EF for ; Fri, 17 Aug 2018 08:19:13 +0000 (GMT) Received: by mail-wr1-f49.google.com with SMTP id a108-v6so3677742wrc.13 for ; Fri, 17 Aug 2018 01:19:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=yshAMzN+5b196F5VpLk2dqTrgVEK6jZ9Tmj4m6IbDrQ=; b=AODPXD4iKg1wm+EvT6k9hotU6ySiEtVfOShTJW/Yk+J55elNq2RdMLxBAOJpF2LE+c TPLbDS3b6iEEjEFd3mvq6soUV3kNogm0eJTTaVKlfvqGwUsQ6W6hb3SQAu2rr+6yZvhO 3IaNouzMsMa2G4a637Y4kFU1cuUDclIJ49lfqy6SzMQYxplkJf6wzZ/G7mIyOk9Zl05B xAoVDhnrDAfOpbSvupggUY4ynHR8telTMrFFj2iJXi4r0NRDXNPV7h0mHegl8Kz5hZHg 7p+kYsizIvXUs18JhmtvRMUIFGzOvsmfffD7PbouTTfS5d9ib/ax+8mGAEdcuNnHcQ5s 15Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=yshAMzN+5b196F5VpLk2dqTrgVEK6jZ9Tmj4m6IbDrQ=; b=pWUqFGj9oxyrlhAEPs9hEa2cMX1arb6joiR7ykPNe/rrANu+ZeSoO/0L/fVp/GX06s wSr6LMfP90qjTz4FR9niBZWeF+usXHKHVgvsJcegh6PtpYpvGC/lueZs2sW1VXjexxF9 FbKfu+cRlcZsJ5uL3ARVQSLHuKv9+ro/41T7HRrd4eLOgEoWGO9IeWXuhZh9kqM1BCpl mt6YsjWkf5wXsbMUXm9LdspB+pSkSGDFgwTOK7xOITuOogutEGzf6T6f8xlUPsoLj3yb Z8Lh3ZppwMVrm/nxRHuPrtIeZ8vhnlLkHsKcbp/iThLNToLX6Vf1OAPPxEuXggUAIlbQ EpFA== X-Gm-Message-State: AOUpUlEeEjFK+JfNoSKzm2kFQOZMP8r+kjUL4TOTcGe/NNucWhPRcV9Y jUlmI1UQc/djJs9OhgZREIIZy7XMBkLNOPPoBoPBJYI6 X-Google-Smtp-Source: AA+uWPzU+N1vd3ewmfHKhkQMn7diKsuaWZSxp0bt6cZugRJn937Im588Hp5vPrfW0O650e67bdp+h2konAC3+Pa6Ul0= X-Received: by 2002:adf:e3c5:: with SMTP id k5-v6mr20706430wrm.94.1534493952378; Fri, 17 Aug 2018 01:19:12 -0700 (PDT) X-Mailinglist: alpine-user Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Received: by 2002:adf:c4f4:0:0:0:0:0 with HTTP; Fri, 17 Aug 2018 01:19:11 -0700 (PDT) In-Reply-To: <521b6968-57dc-8116-02f1-ec3b0dd8e8bb@icetown.de> References: <885afe4f-3231-468d-7928-7e41bf4cffd4@icetown.de> <91ffe437-8e42-978b-9247-811ce1c0a58c@icetown.de> <521b6968-57dc-8116-02f1-ec3b0dd8e8bb@icetown.de> From: Dave Jones Date: Fri, 17 Aug 2018 16:19:11 +0800 Message-ID: Subject: Re: [alpine-user] How to setup BTRFS and LUKS To: Tristan Kohl Cc: alpine-user@lists.alpinelinux.org Content-Type: multipart/alternative; boundary="000000000000f10d8805739d360f" --000000000000f10d8805739d360f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Tristan, Would you mind sharing your setup? I tried to use keyfile to automount a luks encrypted volume: root(/) partiton, added the line "lvmcrypt /dev/vda2 /etc/mykeyfile luks" to /etc/crypttab, then run "mkinitfs" to regenerate initramfs, but it doesn't work. Still prompts for passphrase :( btw, i use ext4 file system, thanks. On Wed, Aug 15, 2018 at 12:20 AM, Tristan Kohl wrote: > Oh...wait...That works! > > You sir deserve a medal!=E2=80=AFThank you so much, I was absolutely sure= I put > it in there but must have removed it during one of my countless tries. > > Thanks again, I can finally move my full setup over to Alpine now :) > > Cheers, > Tristan > > On 14.08.2018 16:49, Adam R=C5=AF=C5=BEi=C4=8Dka wrote: > > Hi, > > one thing comes to mind. I think I encountered something similar > > and the cause was that the btrfs kernel module was not loaded > > at the time when "btrfs device scan" was run. To put it another way, > > the userspace btrfs tool tries to look for the drives but doesn't know > > how to read them. Could you try > > > > echo 'btrfs' > /etc/modules.d/btrfs.conf > > > > and then reboot (+ lbu if you're using that). Hope this helps > > > > -- Adam > > > > On Tue, Aug 14, 2018 at 12:58 PM, Tristan Kohl > > wrote: > > > > I want to give a little update on my progress so far: > > > > Thanks to Adam I was able to have my drives encrypted during boot. > > However they still were not recognized by BTRFS as one coherent poo= l. > > > > I then tried to put "btrfs device scan"=E2=80=AFat various places i= n > > /etc/runlevel/boot/localmount and others but that did not change > > anything. I can confirm that the command got executed since I wrote > > "btrfs device scan >=E2=80=AF/scan.txt"=E2=80=AFwhich created a fil= e containing > > "Scanning for Btrfs filesystems" after boot. But somehow the scans' > > result got lost afterwards. Even puttig it right before the line > "moun > > -at ..."=E2=80=AFinside localmount did not have any effect. I am lo= st right > now > > as to what else I can try to fix this. > > > > As I read in Arch and Gentoo wiki they use some hooks in their > initramfs > > but I am not sure if that will help since decryption has to run > before > > scanning plus I do not find anything as to how one would > use/configure > > them in Alpine. > > > > Does anyone smarter than me has any idea what else I could try? > > > > Cheers, > > Tristan > > > > On 13.08.2018 13:19, Tristan Kohl wrote: > > > Hey guys, > > > > > > I stumbled upon Alpine a while back when building new docker > > images for > > > my home server currently running Debian stable. Since I was quite > > > intrigued by its minimalism, I gave it a shot in a VM to play > > around. I > > > must admit, I fell in love and made an USB drive to use on my hom= e > > > server. Most things work flawelessly (samba, docker, etc.) but I > > do not > > > get how one would get a BTRFS pool on LUKS drives working. > > > > > > I think I have to dig into OpenRC and drop some service in > > "sysinit" to > > > decrypt my drives before fstab kicks in (which as far as I can te= ll > > > happens in devfs). I have my crypttab setup to work with a keyfil= e > > which > > > resides in /root. > > > > > > What I need: > > > 1. Mapping all LUKS drives to /dev/mapper/poolX (setup in > > /etc/crypttab) > > > 2. Run btrfs device scan to detect my pool > > > 3. Mount pool according to fstab > > > > > > I am a Linux desktop user for 7 years and I do prefer command lin= e > for > > > many tasks but when it comes to server setups that are just a tad > more > > > advanced I feel like an absolute beginner. When I build my server > > some 5 > > > years ago I did just some copypasta from a vast number of sites > > without > > > documenting anything. Plus Debian did a lot of magic out of the > box I > > > did not even knew of. However this "featurefullness" also always > > bugged > > > me since I had no idea what was actually going on behind the > scenes. > > > > > > Hope someone can help me out here, any help is greatly appreciate= d. > > > > > > Cheers, > > > Tristan > > > > > > > > > > > > > > > > > > > > > --- > > > Unsubscribe: alpine-user+unsubscribe@lists.alpinelinux.org > > > > > Help: alpine-user+help@lists.alpinelinux.org > > > > > --- > > > > > > > > > --- > > Unsubscribe: alpine-user+unsubscribe@lists.alpinelinux.org > > > > Help: alpine-user+help@lists.alpinelinux.org > > > > --- > > > > > > > --- > Unsubscribe: alpine-user+unsubscribe@lists.alpinelinux.org > Help: alpine-user+help@lists.alpinelinux.org > --- > > --000000000000f10d8805739d360f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Tristan,

Would you mind sharing your setup?=C2= =A0 I tried to use keyfile to automount a
luks encrypted volume: root(/= ) partiton, added the line
"lvmcrypt /dev/vda2 /etc/mykeyfile luks&= quot; to /etc/crypttab, then run "mkinitfs"
to regenerate init= ramfs, but it doesn't work.
Still prompts for passphrase :(

btw, i use ext4 file system, thanks.

On Wed, Aug 15, 201= 8 at 12:20 AM, Tristan Kohl=C2=A0 wrote:
Oh...wait...That works!

You sir deserve a medal!=E2=80=AFThank you so much, I was absolutely sure I= put
it in there but must have removed it during one of my countless tries.

Thanks again, I can finally move my full setup over to Alpine now :)

Cheers,
Tristan

On 14.08.2018 16:49, Adam R=C5=AF=C5=BEi=C4=8Dka wrote:
> Hi,
> one thing comes to mind. I think I encountered something similar
> and the cause was that the btrfs kernel module was not loaded
> at the time when "btrfs device scan" was run. To put it anot= her way,
> the userspace btrfs tool tries to look for the drives but doesn't = know
> how to read them. Could you try
>
> echo 'btrfs' > /etc/modules.d/btrfs.conf
>
> and then reboot (+ lbu if you're using that).=C2=A0 Hope this help= s
>
> -- Adam
>
> On Tue, Aug 14, 2018 at 12:58 PM, Tristan Kohl <tristan@icetown.de
> <mailto:= tristan@icetown.de>> wrote:=
>
>=C2=A0 =C2=A0 =C2=A0I want to give a little update on my progress so fa= r:
>
>=C2=A0 =C2=A0 =C2=A0Thanks to Adam I was able to have my drives encrypt= ed during boot.
>=C2=A0 =C2=A0 =C2=A0However they still were not recognized by BTRFS as = one coherent pool.
>
>=C2=A0 =C2=A0 =C2=A0I then tried to put "btrfs device scan"= =E2=80=AFat various places in
>=C2=A0 =C2=A0 =C2=A0/etc/runlevel/boot/localmount and others but that d= id not change
>=C2=A0 =C2=A0 =C2=A0anything. I can confirm that the command got execut= ed since I wrote
>=C2=A0 =C2=A0 =C2=A0"btrfs device scan >=E2=80=AF/scan.txt"= ;=E2=80=AFwhich created a file containing
>=C2=A0 =C2=A0 =C2=A0"Scanning for Btrfs filesystems" after bo= ot. But somehow the scans'
>=C2=A0 =C2=A0 =C2=A0result got lost afterwards. Even puttig it right be= fore the line "moun
>=C2=A0 =C2=A0 =C2=A0-at ..."=E2=80=AFinside localmount did not hav= e any effect. I am lost right now
>=C2=A0 =C2=A0 =C2=A0as to what else I can try to fix this.
>
>=C2=A0 =C2=A0 =C2=A0As I read in Arch and Gentoo wiki they use some hoo= ks in their initramfs
>=C2=A0 =C2=A0 =C2=A0but I am not sure if that will help since decryptio= n has to run before
>=C2=A0 =C2=A0 =C2=A0scanning plus I do not find anything as to how one = would use/configure
>=C2=A0 =C2=A0 =C2=A0them in Alpine.
>
>=C2=A0 =C2=A0 =C2=A0Does anyone smarter than me has any idea what else = I could try?
>
>=C2=A0 =C2=A0 =C2=A0Cheers,
>=C2=A0 =C2=A0 =C2=A0Tristan
>
>=C2=A0 =C2=A0 =C2=A0On 13.08.2018 13:19, Tristan Kohl wrote:
>=C2=A0 =C2=A0 =C2=A0> Hey guys,
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> I stumbled upon Alpine a while back when build= ing new docker
>=C2=A0 =C2=A0 =C2=A0images for
>=C2=A0 =C2=A0 =C2=A0> my home server currently running Debian stable= . Since I was quite
>=C2=A0 =C2=A0 =C2=A0> intrigued by its minimalism, I gave it a shot = in a VM to play
>=C2=A0 =C2=A0 =C2=A0around. I
>=C2=A0 =C2=A0 =C2=A0> must admit, I fell in love and made an USB dri= ve to use on my home
>=C2=A0 =C2=A0 =C2=A0> server. Most things work flawelessly (samba, d= ocker, etc.) but I
>=C2=A0 =C2=A0 =C2=A0do not
>=C2=A0 =C2=A0 =C2=A0> get how one would get a BTRFS pool on LUKS dri= ves working.
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> I think I have to dig into OpenRC and drop som= e service in
>=C2=A0 =C2=A0 =C2=A0"sysinit" to
>=C2=A0 =C2=A0 =C2=A0> decrypt my drives before fstab kicks in (which= as far as I can tell
>=C2=A0 =C2=A0 =C2=A0> happens in devfs). I have my crypttab setup to= work with a keyfile
>=C2=A0 =C2=A0 =C2=A0which
>=C2=A0 =C2=A0 =C2=A0> resides in /root.
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> What I need:
>=C2=A0 =C2=A0 =C2=A0> 1. Mapping all LUKS drives to /dev/mapper/pool= X (setup in
>=C2=A0 =C2=A0 =C2=A0/etc/crypttab)
>=C2=A0 =C2=A0 =C2=A0> 2. Run btrfs device scan to detect my pool
>=C2=A0 =C2=A0 =C2=A0> 3. Mount pool according to fstab
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> I am a Linux desktop user for 7 years and I do= prefer command line for
>=C2=A0 =C2=A0 =C2=A0> many tasks but when it comes to server setups = that are just a tad more
>=C2=A0 =C2=A0 =C2=A0> advanced I feel like an absolute beginner. Whe= n I build my server
>=C2=A0 =C2=A0 =C2=A0some 5
>=C2=A0 =C2=A0 =C2=A0> years ago I did just some copypasta from a vas= t number of sites
>=C2=A0 =C2=A0 =C2=A0without
>=C2=A0 =C2=A0 =C2=A0> documenting anything. Plus Debian did a lot of= magic out of the box I
>=C2=A0 =C2=A0 =C2=A0> did not even knew of. However this "featu= refullness" also always
>=C2=A0 =C2=A0 =C2=A0bugged
>=C2=A0 =C2=A0 =C2=A0> me since I had no idea what was actually going= on behind the scenes.
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> Hope someone can help me out here, any help is= greatly appreciated.
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> Cheers,
>=C2=A0 =C2=A0 =C2=A0> Tristan
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0>
>=C2=A0 =C2=A0 =C2=A0> ---
>=C2=A0 =C2=A0 =C2=A0> Unsubscribe:=C2=A0 alpine-user+unsubscribe@lists.= alpinelinux.org
>=C2=A0 =C2=A0 =C2=A0&= lt;mailto:alpine-user%2Bunsubscribe@lists.alpinelinux.org>
>=C2=A0 =C2=A0 =C2=A0> Help:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0alpine-user+help@lists= .alpinelinux.org
>=C2=A0 =C2=A0 =C2=A0<mailto:alpine-user%2Bhelp@lists.alpinelinux.org>=
>=C2=A0 =C2=A0 =C2=A0> ---
>=C2=A0 =C2=A0 =C2=A0>
>
>
>=C2=A0 =C2=A0 =C2=A0---
>=C2=A0 =C2=A0 =C2=A0Unsubscribe:=C2=A0 alpine-user+unsubscribe@lists.alpin= elinux.org
>=C2=A0 =C2=A0 =C2=A0<mailto:alpine-user%2Bunsubscribe@lists.alpi= nelinux.org>
>=C2=A0 =C2=A0 =C2=A0Help:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0alpine-user+help@lists.alpinelinux.org
>=C2=A0 =C2=A0 =C2=A0<mailto:alpine-user%2Bhelp@lists.alpinelinux.org>=
>=C2=A0 =C2= =A0 =C2=A0---
>
>


---
Unsubscribe:=C2=A0 alpine-user+unsubscribe@lists.alpinelinux.org
Help:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0alpine-user+help@lists.alpinelinux.org
---


--000000000000f10d8805739d360f-- --- Unsubscribe: alpine-user+unsubscribe@lists.alpinelinux.org Help: alpine-user+help@lists.alpinelinux.org ---