Actually I have my home NAS-server setup with 6 HDD as data drives with mergerfs (unencrypted).
My actual OS it's OMV4 and I have about 4 running VMs (Virtualbox) and a lot of docker containers via docker-compose file (about 35 including plex, deluge, traefik, duplicati, ecc)
I would like to start from scratch and set up my NAS/homeserver running Proxmox VE, getting rid of Virtualbox, virtualizing OMV, and keep data shared across VMs (mainly windows machines for using via RDP).
I want to encrypt this server and would like your guidance on how to do it best.
In particular I want to change my actual setup for the goals below:
- distribute/balance my hw resources at best
- encrypt my data drives
- get better filesystem performance (especially I/O part that sounds like my bottleneck)
- using iommu/VFIO for gpu pass through into the windows VMs to get gpu accel.
Ryzen 1700 cpu
asus b350-a motherboard
1 nvidia 730 GPU PCI express
2 NICs (on board realtek + intel pci-exp)
16 GB non ECC Memory DDR4
1 x 256GB SSD usb 3.0 (for OS boot and docker files)
4 x 8TB + 2 x 3TB Seagate SATA 7200 RPM HDDS (for data drives) ext4+mergerfs
1 8TB usb external drive for selective encrypted backups (duplicati target)
For security/privacy I would like to encrypt it as much as possible. I would like to keep using mergerfs and possibly enter a single password at boot and decrypt my drives.
It's this possible? How/where to start?
Any help will be gratefully appreciated.