My hardware is ready...

Ok problem solved. (BIOS upgrade + some cabling :-D)

OMV installed on SSD.

Next step install luks plugin, followed by zfs plugin

Quote from ryecoaaron

The order of the plugin installation doesn't matter but the order of the configuration does. While there are different ways to set this up, I would create the encrypted device(s) with luks first and then zfs on top of that. I haven't tried that to see if it works though.

I think it's not possible de encrypt the drives and use zfs at the same time. When I first encrypt the drives, they are not being seen in ZFS. And when I create the pool first, it's not being seen in the Encryption area...

No one has tried this before?

Do I understand that there is no way to encrypt the drive while using ZFS?

Quote from ryecoaaron

I guess you can't use both. You could wait for the zfs plugin to support encryption or use mdadm raid.

Oh so the ZFS plugin will support encryption in the near future? Once it is supported, I will not have to move my data or anything like that?

Quote from luxflow

zfs native encryption support is in progress
https://github.com/zfsonlinux/zfs/pull/4329
no one know when it is released, (my wild guess for release is within 6 month)

and yes, you need to set encryption before creating dataset (according to above link)

• Encryption must be specified at dataset creation time.

so you need to move all data, and recreate dataset with encryption enabled

I didn't test but I think you can use luks encryption currently with zfs volume
create volume -> luks encryption -> format with ext4 -> mount and use

Display More

Thanks luxflow for your input.

Indeed it worked.

When I did it I realised that I need some strategy first about how to manage my drives.

So I have 3 hard drives of 4Tb actually 3,6 usable. After creating a RAID-Z1 pool. I'm left with 7.02 to use. For now it's more than enough.

But how to I manage the volume creation? I mean, should I keep this master pool with 7.02Tb and share it entirely with smb / CIFS and create folders, or do I need to create one ZFS volume per need?

For instance : a volume for /Documents, one for /Backup, an other for /Media?

Thanks all for your patience. I'm really new to omv/NAS and everything. But I'm not in a hurry I can take time to set things properly

edit : in the case I need to create volumes, if a hard drive fails, I still can change it in a "plug and play" way?

Quote from luxflow

one per your need
one guide line for dividing dataset(whether it is zfs filesystem or volume) is attribute for that dataset
zfs provide several attribute such as compression,disk size quota ..
also zfs provide snapshot
it depends on your need whether divide or not
for example documents need compression on, but media don't want to compression on since media is already compressed
and for documents, you need snapshot scheduling per hour (that means your changes is kept per hour)
but you don't need snapshot per hour for media, then divide it
(additional note: automatic snapshot is not supported in gui, use cli, I have plan for supporting gui)

and if one driver fail(because raid z1 only support 1 drive fail), you need `zfs replace` command in shell (no gui support yet)

Display More

Ok thanks for this valuable input, it makes things clearer.

However, I did'nt get much of this sentence : "one guide line for dividing dataset(whether it is zfs filesystem or volume) is attribute for that dataset"

So to be clear if I do this, is it clever? :

- BigPool 7.02Tb
-vol01 documents 1Tb (snapshot)
-vol02 Media 3Tb (volume)
-vol03 dataset 1To (volume) (don't know what it is for exactly and how much space it needs)

I will be left with 2Tb not used. So if In a few months I see that documents needs more space, I'll be able to expend it, right?

Also, in order to see all my data from my windows PC, I guess that I'll need to create at least one shared folder per volume right?

You totally right, I'll reduce the size for the volumes for now.

So, I'm getting better understanding on how to slice the MainPool.

Here is what I did :-MainPool 7.02 Tb
---Documents 1Tb
---Media 2Tb

And that's great because now I'll also be able to encrypt the Documents and Media volumes. What about that dataset volume? Is 1Tb ok? what is it for?

One last thing : when I try to create a shared folder in the Access Rights Management, the only Device it suggests me in the roll-up menu is the MainPool, It doesn't show me neither the Documents nor the Media volumes that I've created. Is that normal ? What's the point of creating volumes if we cannot use them? But I'm sure I'm getting something wrong.

Thank you so much and thank ryecoaaron for your valuable help!

Quote from luxflow

go filesystem -> create -> choose device -> ext4 -> mount -> go share

Hi luxflow,

Thanks for your answer. I created a 2min video to explain what I did and to show that I'm not able to do what you suggested :

I hope that it will clarify what I want to achieve and the problem I have!

Thanks again

Quote from ryecoaaron

I guess you can't use both. You could wait for the zfs plugin to support encryption or use mdadm raid.

Thanks luxflow It worked!. (I had to remove the drives from the encrytpion area)

But now encrypting those drive is not possible :

So I guess there is no way to encrypt the drive and use them at the same time? :-/

Quote from luxflow

oh I finally understand what you got wrong!

luks drive should be unlocked when you're using disk
it doesn't mean hard drive is not encrypted

when you unlocked, you will see decrypted device which -crypto is appended to
decryption process is made on live
if you access -crypto device it first copy data from original device which is encrypted
and in memory, data is decrypted using passphrase you provide when you unlocked on live

SUPPOSE, cops invade your home, you see cops and after that immediately shutdown your computer
then your passphrase is removed since it was in memory. so cops have to input passphrase again
or
SUPPOSE, you leave your laptop in coffee shop, but before leave you unlocked,
then your passphrase is removed right now, and thief grab your laptop, but he don't know passphrase
so he cannot get your data

so you have to create filesystem on -crypto device
not original filesystem

and also it was your misunderstanding
I think zfs filesystem works well with luks
abandon idea using volume instead
try zfs filesystem with luks

Display More

Thank you very much luxflow for your patience!

I finaly managed to go to the process succesfully. In fact it seems that there is a specific order to follow to do this succesfuly...

But!...unfortunatly another thing went wrong...see here :

Again, thank you very much for your patience! The only thing that keeps me sticking with OMV is that you and ryecoaaron keeps helping me otherwise I would have left for something more "noobie friendly" with plenty of documentations and a big community...

Quote from luxflow

it seems likely omv-luks bug
since omv-luks plugin recently is ported, there might be bug (it doesn't mean luks is unstable, but plugin for luks is unstable)
I will check and fix and let you know (it will takes time <~3days?)

Thanks you very much luxflow for you answer! I thought that I was doing something wrong!

No problem I will wait.

For now I shut the server down. I will not put any data on it till I'm sure that I'll will not face any software problem in the future while expanding or doing normal stuff with the drives.

Quote from ryecoaaron

I don't have any speakers available to listen if there is audio on the video. If you are trying to unlock the encrypted volume, you can't while it is in use (referenced). This didn't change from OMV 2.x.

Yes I figured that out later but it was not my main problem.
In fact the problem occurs at 1:35 when nothing happens when I want to resize the volumes.
(I don't have any data on the drives but in was a test to see if it works for when I'll need the feature in the future).