I am doing a similar setup with luks and unionfs.
adding nofail to the options of unionfs either in gui or fstab does allow the system to boot instead of crashing to emergency state.
However after unlocking the luks encrypted drives the shared folder will not mount with nofail in the options of unionfs. I have to remove it and do a mount -a for shared folders to work gain.
Any ideas on how to fix this? or a workaround?
I really wanted to commit to encryption and get myself used to it.
Hello,
LUKS encrypted, no self unlocking/mounting in a mergerfs pool here too (in a Proxmox VM).
"Nofail" doesn't work for fuse fstab entries so I added noauto in the mergerfs options : "noauto,defaults,allow_other,cache.files=off,use_ino"
I also added "nofail" in the options of each of the unlocked drives entries of /etc/fstab : defaults,nofail,user_xattr etc...
I get an acceptable solution : at boot I only have to wait until the 1min30s search for "not existing yet" uuid finishes. Once OMV has booted, I can unlock the drives and "refresh" the mergerfs pool (update>save so that the drives appear in the pool).
So I'm now looking for a way to automate the addition of the "nofail" clause in fstab once the drive is unlocked, in case I add a new drive, and a way to manually mount/refresh the mergerfs pool once the drives have been unlocked and mounted.
Hope it helps...
Does anyone wiht LUKS, snapraid and UnionFS have a suitable workaround for the boot issues? Or is just nofail and/or noauto the solution for now?
I was fiddling around with my Helios64 as well but ran into that exact issue that I could not boot anymore but did not clearly saw that the combination of Luks and UnionsFS is probably causing this. As I had some important data to copy I did not swith my machine off since a week now but I would rather have a reliable system in the end that boots smoothly (either on emmc or sd).
I have not tried nofail nor noauto so far, but will give it a shot on the weekend.
Does anyone wiht LUKS, snapraid and UnionFS have a suitable workaround for the boot issues? Or is just nofail and/or noauto the solution for now?
I don't know that there are any. Snapraid doesn't make a difference. Auto-unlock of LUKS might help. Maybe someday I will re-write the plugin to use systemd mount files but I don't want to do that and have it not work any better. LUKS needs to go away as an OMV option (I know LUKS works well - I use it at work a lot) in favor of a filesystem that offer encryption in one layer to avoid this double layer problem.
I don't know that there are any. Snapraid doesn't make a difference. Auto-unlock of LUKS might help. Maybe someday I will re-write the plugin to use systemd mount files but I don't want to do that and have it not work any better. LUKS needs to go away as an OMV option (I know LUKS works well - I use it at work a lot) in favor of a filesystem that offer encryption in one layer to avoid this double layer problem.
Thank you for the feedback and I totally agree with the encryption. I quite like LUKS (as it works fairly well) and I am rather reluctant to auto-unlock the encrypted harddisks so I will try the mentioned solutions... it's no big thing either if it works at the end. I am not consistantly reboot the machine but as I got stuck several times I just want to avoid the helios going into recovery mode.
I don't know that there are any. Snapraid doesn't make a difference. Auto-unlock of LUKS might help. Maybe someday I will re-write the plugin to use systemd mount files but I don't want to do that and have it not work any better. LUKS needs to go away as an OMV option (I know LUKS works well - I use it at work a lot) in favor of a filesystem that offer encryption in one layer to avoid this double layer problem.
Doesn’t ZFS offer data at rest encryption now?
Doesn’t ZFS offer data at rest encryption now?
yep. It was added in 0.8.
so has anyone compared the 2 options:
LUKS encrypted HD + ZFS on top
vs
ZFS encryption
- performance
- security
Alles anzeigenI am doing a similar setup with luks and unionfs.
adding nofail to the options of unionfs either in gui or fstab does allow the system to boot instead of crashing to emergency state.
However after unlocking the luks encrypted drives the shared folder will not mount with nofail in the options of unionfs. I have to remove it and do a mount -a for shared folders to work gain.
Any ideas on how to fix this? or a workaround?
I really wanted to commit to encryption and get myself used to it.
I ran into the exact same issue. Boot is flawless but the nofail prevents the UnionFS to mount the folders properly. I removed the nofail from the UnionFS settings, saved everything and the pool with the shared folders mounted as expected. After that I put in nofail again in order to be able to boot normally...
Can this be done with an automated script after the decrytion of the hdds?
I don't know that there are any. Snapraid doesn't make a difference. Auto-unlock of LUKS might help. Maybe someday I will re-write the plugin to use systemd mount files but I don't want to do that and have it not work any better. LUKS needs to go away as an OMV option (I know LUKS works well - I use it at work a lot) in favor of a filesystem that offer encryption in one layer to avoid this double layer problem.
Well, it works too well but maybe I should start the encryption process with the CLI.
Last question: I have not dug into all the differences between UnionFS and the MergerfsFolder Plugin. Would it make a difference to go the mergerfs-folder route insead of unionfs? And if so: can that be done equally without hassle in order not to loose any data and make it acessible with the exact same state as unionfs?
Would it make a difference to go the mergerfs-folder route insead of unionfs?
Unknown. Maybe.
can that be done equally without hassle in order not to loose any data and make it acessible with the exact same state as unionfs?
Why would you lose data? mergerfs works on top of other filesystems. Adding/changing/deleting pools makes no difference to the data on the underlying filesystems.
Why would you lose data? mergerfs works on top of other filesystems. Adding/changing/deleting pools makes no difference to the data on the underlying filesystems.
Thank you. I meant rather if I could switch to mergerfs-folders and maintain the same state as with unionfs.
I know that I won't lose data, but I maybe have to rearrange the whole file and folder structure... and if I could just avoid that I'd rather go this way 
I meant rather if I could switch to mergerfs-folders and maintain the same state as with unionfs.
They are both using mergerfs. So, I assume you can.
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!
