OMV5 Installation Questions

  • Hello all,

    First time posting from a lurker here :)

    I have a few questions:


    1. I have just tried to install OMV5 for the first time in a while and I noticed it does not give the option to use Encrypted LVM. Was this removed or did it never exist? What is the best solution for this?


    2. I have been reading around these forums and see that it is recommended to install Docker on a separate data drive. Is it possible to encrypt this data drive and still use it for this purpose? (I won’t bother asking what size should I have, i.e. how long is a piece of string)


    3. When I tried OMV before I remember there being an encryption plugin but it would not let me use drives that were already encrypted (unless I erase them first), has this changed? If not, does that mean drives need to be re-encrypted and data moved back onto them each time OMV is setup? (Almost certain I have that wrong)


    TIA

    Reekon

  • Was this removed or did it never exist?

    Never existed.


    What is the best solution for this?

    Probably the LUKS plugin.


    I have been reading around these forums and see that it is recommended to install Docker on a separate data drive. Is it possible to encrypt this data drive and still use it for this purpose?

    Nope, it has nothing to do with encryption. Most people are using a small OS drive and docker can fill it.


    When I tried OMV before I remember there being an encryption plugin

    There still is a LUKS encryption plugin.


    it would not let me use drives that were already encrypted (unless I erase them first), has this changed?

    Depends on how your encryption was setup and if it was using LUKS. The plugin doesn't store anything in the database. So, unless it was some strange setup, there is no reason it shouldn't show up once it was decrypted.


    If not, does that mean drives need to be re-encrypted and data moved back onto them each time OMV is setup? (Almost certain I have that wrong)

    No. Once the device is unlocked, it should be able to be used by OMV as long as there is a backend for the filesystem on top of the encrypted device.

    omv 5.6.13 usul | 64 bit | 5.11 proxmox kernel | omvextrasorg 5.6.2 | kvm plugin 5.1.6
    omv-extras.org plugins source code and issue tracker - github


    Please read this before posting a question.
    Please don't PM for support... Too many PMs!

  • Thanks ryecoaaron,


    How small should the “small OS drive” be (if data is to be on a separate drive)?


    Can the LUKS plug-in encrypt the OS drive too? Is this better than the install-over-Debian method?

  • How small should the “small OS drive” be (if data is to be on a separate drive)?

    16gb works well.


    Can the LUKS plug-in encrypt the OS drive too?

    No.


    Is this better than the install-over-Debian method?

    Installing with the OMV iso and install the openmediavault package on a Debian install end up with the same result. If you want the OS drive encrypted, you will have to install Debian first and then OMV. I recommend using the install script to install OMV after Debian -https://github.com/OpenMediaVa…-Developers/installScript

    omv 5.6.13 usul | 64 bit | 5.11 proxmox kernel | omvextrasorg 5.6.2 | kvm plugin 5.1.6
    omv-extras.org plugins source code and issue tracker - github


    Please read this before posting a question.
    Please don't PM for support... Too many PMs!

  • After we setup OMV5 over Debian, is the user account (created during setup) useful for anything? Does the default admin account need to be the main admin account? Can it be deleted?

    I would keep a user account, but that's juts me. If you want to delete it, and then add one via the webUI, you can do that as well


    You can give users admin privileges, but I don't think you can delete the admin account (I'm not sure why anyone would want to do either, but it comes up constantly for some reason)

    Air Conditioners are a lot like PC's... They work great until you open Windows.


  • I would keep a user account, but that's juts me. If you want to delete it, and then add one via the webUI, you can do that as well


    You can give users admin privileges, but I don't think you can delete the admin account (I'm not sure why anyone would want to do either, but it comes up constantly for some reason)

    It has a bunch of access assigned but can’t do much of anything which is weird…

  • post the output of:


    Code
    id your_username

    then

    Code
    ls -l /path/to/share

    obviously your_username is you omv username, and /path/to/share is whatever path you're having issues with.

    Air Conditioners are a lot like PC's... They work great until you open Windows.


  • post the output of:


    Code
    id your_username

    then

    Code
    ls -l /path/to/share

    obviously your_username is you omv username, and /path/to/share is whatever path you're having issues with.

    Thank you, it’s all good now. I am just kind of new to this I guess, but it’s fun learning :)

  • Thank you, it’s all good now. I am just kind of new to this I guess, but it’s fun learning :)

    Well why don't you share what you did in case someone comes across this in a search

    Air Conditioners are a lot like PC's... They work great until you open Windows.


  • I done it all via GUI :)

    Everyone seems to prefer to command line around here for some reason?

    Well that is an overwhelming amount of information, I'm sure it will be very helpful to someone in the future regarding a problem. Thank you for your contributions. :rolleyes:


    Nobody prefers using the command line here (well some do). Often times, people get here and they are frustrated with a problem, and you're telling them to do things that should be working, and when it's not working, it's easier to get info from the command. Most of the time you find they aren't doing what you've been telling them to do all along.

    Air Conditioners are a lot like PC's... They work great until you open Windows.


  • If I use the LUKS plugin to encrypt a drive that Docker will be installed on, is there any danger of corruption or reorganisation of data drives when OMV5 boots up and the Docker drive has not been decrypted yet?


    Assuming the setup is like:

    |Server

    |-OMV5

    |-Docker (encrypted)

    |-DataDrive1

    |-DataDrive2


    …if the server boots up and ‘Docker’ has not been decrypted yet (as I have not logged in yet), is there a chance the DataDrives paths can be messed up like becoming sdb1 instead of sdc1 (assuming no, but something like this used to happen with Windows drives).


    Also it won’t be able to find Docker due to being encrypted, but once I unlock the drive will it ‘just work’ or will there be some caveats? Is this not recommended? Can Docker be set to only start manually (giving time to unlock the drive), or is there some other common solution?


    TIA, Reekon

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!