Hi,
I’m in the process setting up OMV5 with SnapRaid and Union FS.
I read somewhere users use BorgBackup with LuksEncryption for back up data.
But BorgBackup plugin isn’t available yet.
what are the suggestions ?
thanks
Hi,
I’m in the process setting up OMV5 with SnapRaid and Union FS.
I read somewhere users use BorgBackup with LuksEncryption for back up data.
But BorgBackup plugin isn’t available yet.
what are the suggestions ?
thanks
I read somewhere users use BorgBackup with LuksEncryption for back up data.
Borgbackup has an encryption option but it doesn't use Luks.
But BorgBackup plugin isn’t available yet.
what are the suggestions ?
Wait for the plugin is my first suggestion. It isn't far off. Just haven't had much time lately.
by the way, I plan only to encrypt a few folders on the drive.
So if the data is encrypted with Luks, can I still use BorgBackup to back up data ?
So if the data drive is encrypted with Luks, can I still use BorgBackup to back up data ?
As long as the drive is unlocked and the filesystem is mounted. Borg works with files not the filesystem or device it is on.
The borg plugin is in the repo now.
I don't why Luks Encryption plugin wouldn't let me select the device from the drop-down menu.
I uninstalled/re-installed the plugin several times.
The device needs to be blank.
How do I encrypt the device if I can't select any data drive from the drop-down menu ?
Do I need to un mount my hard drives and format them ?
I only want to encrypt some specific folders on the drive, not entire drive.
How do I encrypt the device if I can't select any data drive from the drop-down menu ?
LUKS needs a block device not a file system. The plugin only allows you to select a disk without filesystems.
Do I need to un mount my hard drives and format them ?
No. You need to unmount and wipe them. Then add them to LUKS and then put a filesystem on top of the LUKS device.
I only want to encrypt some specific folders on the drive, not entire drive.
LUKS is not what you want then. There is no plugin to do that. You could do that from the client side though.
Ext4 can encrypt folders btw. Just check the arch wiki on fscrypt.
This maybe can be implemented as a plugin. Only on modern kernels btw.
Sorry that I ask many questions about this.
I looked at the performance reviews of fscrypt and Luks, and Luks had better speed and performance.
I notice some users wrote a script to auto unlock Luks encrypted hdd upon startup.
Is this recommended instead unlock it manually ?
I notice some users wrote a script to auto unlock Luks encrypted hdd upon startup.
That means you need to store the key somewhere.
Is this recommended instead unlock it manually ?
Depends on your use case. When you can accept the above it should be fine.
I do it for an external backup drive which I store in a place outside of my home. I have the key on my server. When I plugin the USB drive the drive gets decrypted using the key which is stored on the server. In this case I don't mind as the data are stored unencrypted on the server anyway.
I plan to use Luks encryption on the data drives and use Borg for external backup.
There is always performance penalty but as long as the cpu has aes extensions should be fine, shouldnt decrease that dramatically, a standard Hdd is around 150-190MB/s it won’t cap enough to notice the degrade over gbit Ethernet.
Hi,
I just done the encryption process, but upon startup, the drives aren't unable to auto mount.
https://forum.openmediavault.o…%2Bdev-disk-by#post143926
I've tried timeout =1 and timeout =2, but no luck.
By the way, I can't log into OMV web gui at all.
My current set up is : added passphrases then added Keyfile to the encryption drives.
Not sure if there still a bug for this method after I read another thread.
Even though I can’t unlock the drives upon startup, why I can’t access OMV web gui ?
Edit: after researchings, I found the solution to fix it.
I've to modified the /etc/crypttab and /etc/fstab accordingly.
Current /etc/fstab config:
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/sda1 during installation
UUID=56a66259-f103-4ffd-bc2d-a3c036c2e6bc / ext4 noatime,nodiratime,discard,errors=remount-ro 0 1
# swap was on /dev/sda5 during installation
UUID=fac1e675-5c6a-4878-bf29-9a72c320f9cf none swap sw 0 0
# >>> [openmediavault]
/dev/mapper/sdb1_crypt /media/sdb ext4 defaults 0 2
/dev/mapper/sdc1_crypt /media/sdc ext4 defaults 0 2
/dev/mapper/sdd1_crypt /media/sdd ext4 defaults 0 2
/dev/mapper/sde1_crypt /media/sde ext4 defaults 0 2
/dev/mapper/sdf1_crypt /media/sdf ext4 defaults 0 2
# <<< [openmediavault]
Alles anzeigen
Upon startup, I received errors:
Dec 2 21:13:27 omv rsyslogd: [origin software="rsyslogd" swVersion="8.1901.0" x-pid="2651" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
Dec 2 21:13:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data1' not mounted
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data1' unable to read filesystem '/srv/dev-disk-by-label-data1' state
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data1' trying to restart
Dec 2 21:13:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data1' status failed (1) -- /srv/dev-disk-by-label-data1 is not a mountpoint
Dec 2 21:13:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data2' not mounted
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data2' unable to read filesystem '/srv/dev-disk-by-label-data2' state
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data2' trying to restart
Dec 2 21:13:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data2' status failed (1) -- /srv/dev-disk-by-label-data2 is not a mountpoint
Dec 2 21:13:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-parity1' not mounted
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity1' unable to read filesystem '/srv/dev-disk-by-label-parity1' state
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity1' trying to restart
Dec 2 21:13:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-parity1' status failed (1) -- /srv/dev-disk-by-label-parity1 is not a mountpoint
Dec 2 21:13:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-parity2' not mounted
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity2' unable to read filesystem '/srv/dev-disk-by-label-parity2' state
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity2' trying to restart
Dec 2 21:13:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-parity2' status failed (1) -- /srv/dev-disk-by-label-parity2 is not a mountpoint
Dec 2 21:13:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data3' not mounted
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data3' unable to read filesystem '/srv/dev-disk-by-label-data3' state
Dec 2 21:13:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data3' trying to restart
Dec 2 21:13:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data3' status failed (1) -- /srv/dev-disk-by-label-data3 is not a mountpoint
Dec 2 21:14:23 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data1' not mounted
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data1' unable to read filesystem '/srv/dev-disk-by-label-data1' state
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data1' trying to restart
Dec 2 21:14:23 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data1' status failed (1) -- /srv/dev-disk-by-label-data1 is not a mountpoint
Dec 2 21:14:23 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data2' not mounted
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data2' unable to read filesystem '/srv/dev-disk-by-label-data2' state
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data2' trying to restart
Dec 2 21:14:23 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data2' status failed (1) -- /srv/dev-disk-by-label-data2 is not a mountpoint
Dec 2 21:14:23 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-parity1' not mounted
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity1' unable to read filesystem '/srv/dev-disk-by-label-parity1' state
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity1' trying to restart
Dec 2 21:14:23 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-parity1' status failed (1) -- /srv/dev-disk-by-label-parity1 is not a mountpoint
Dec 2 21:14:23 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-parity2' not mounted
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity2' unable to read filesystem '/srv/dev-disk-by-label-parity2' state
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity2' trying to restart
Dec 2 21:14:23 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-parity2' status failed (1) -- /srv/dev-disk-by-label-parity2 is not a mountpoint
Dec 2 21:14:23 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data3' not mounted
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data3' unable to read filesystem '/srv/dev-disk-by-label-data3' state
Dec 2 21:14:23 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data3' trying to restart
Dec 2 21:14:23 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data3' status failed (1) -- /srv/dev-disk-by-label-data3 is not a mountpoint
Dec 2 21:14:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data1' not mounted
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data1' unable to read filesystem '/srv/dev-disk-by-label-data1' state
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data1' trying to restart
Dec 2 21:14:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data1' status failed (1) -- /srv/dev-disk-by-label-data1 is not a mountpoint
Dec 2 21:14:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data2' not mounted
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data2' unable to read filesystem '/srv/dev-disk-by-label-data2' state
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data2' trying to restart
Dec 2 21:14:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data2' status failed (1) -- /srv/dev-disk-by-label-data2 is not a mountpoint
Dec 2 21:14:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-parity1' not mounted
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity1' unable to read filesystem '/srv/dev-disk-by-label-parity1' state
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity1' trying to restart
Dec 2 21:14:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-parity1' status failed (1) -- /srv/dev-disk-by-label-parity1 is not a mountpoint
Dec 2 21:14:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-parity2' not mounted
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity2' unable to read filesystem '/srv/dev-disk-by-label-parity2' state
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-parity2' trying to restart
Dec 2 21:14:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-parity2' status failed (1) -- /srv/dev-disk-by-label-parity2 is not a mountpoint
Dec 2 21:14:53 omv monit[2740]: Filesystem '/srv/dev-disk-by-label-data3' not mounted
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data3' unable to read filesystem '/srv/dev-disk-by-label-data3' state
Dec 2 21:14:53 omv monit[2740]: 'filesystem_srv_dev-disk-by-label-data3' trying to restart
Dec 2 21:14:53 omv monit[2740]: 'mountpoint_srv_dev-disk-by-label-data3' status failed (1) -- /srv/dev-disk-by-label-data3 is not a mountpoint
Dec 2 21:15:01 omv CRON[3493]: (root) CMD (/usr/sbin/omv-mkrrdgraph >/dev/null 2>&1)
Dec 2 21:15:02 omv /omv-mkrrdgraph: Failed to build graph (plugin=disk, period=hour): [Errno 2] No such file or directory: '/var/lib/openmediavault/rrd/disk-octets-disk/by-label/data1-hour.png'
Dec 2 21:15:02 omv /omv-mkrrdgraph: Failed to build graph (plugin=disk, period=day): [Errno 2] No such file or directory: '/var/lib/openmediavault/rrd/disk-octets-disk/by-label/data1-day.png'
Alles anzeigen
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!