Need help installing Proxmox with automatic decryption and multiple drives by beansniffer in c/[email protected]
[-] [email protected] 0 points 11 months ago

It may be helpful to know that the former r/zfs community has migrated to a Discourse server at practicalzfs.com. Might be worth asking there for some expert advice.

I tried posting there, but the mods haven't been there in a couple of days to approve my post. I tried posting on reddit but since reddit is a garbage website that noone should ever visit, I was immediately shadowbanned and noone has seen my posts.

Thanks for your post.

6
Need help installing Proxmox with automatic decryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/zfs
1 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

0
Need help installing Proxmox with automatic decryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/[email protected]
0 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

1
Need help installing Proxmox with automatic decryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/[email protected]
0 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

13
Need help installing Proxmox with automatic decryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/[email protected]
2 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

5
Need help installing Proxmox with automatic decryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/[email protected]
0 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

3
[help] Need Help installing Proxmox with full disk encryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/[email protected]
0 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

0
Need help installing Proxmox with automatic decryption and multiple drives (lemmy.ml)
submitted 11 months ago by [email protected] to c/[email protected]
0 comments fedilink

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

  • 2 Sata SSDs boot drives in a ZFS mirror
  • 1 NVME SSD for L2ARC and VM storage
  • 3 HDDs in a RAIDz1 for backups and general large storage
  • 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

  • 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
  • All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

4
What were the factors that led to you being anti-car? (lemmy.ml)
submitted 2 years ago by [email protected] to c/[email protected]
2 comments fedilink

I've got to admit that when I first heard of the anti-cars community, I was a little skeptical. "Whats wrong with cars?" I thought. But the more I lurked, and the more I watched youtube channels like Not just bikes, the more I understood just how shitty the world is around us. Fuck Cars.

A German man is suspected of getting more than 87 COVID-19 shots so he could sell fake vaccination certificates by beansniffer in c/[email protected]
[-] [email protected] 4 points 2 years ago

More than 87 shots and the guy is still alive. If that doesn't prove that the vaccine is safe, I don't know what would convince these delusional fucks.

The amount of Russophobia and anti Russian censorship ongoing currently on Reddit is astounding. by beansniffer in c/[email protected]
[-] [email protected] 0 points 2 years ago

leaving for 5-10% anti-hatred people

Does someone being from the USA or Europe automatically make them anti-Russia? Does someone not being from USA or Europe automatically make them pro-Russia?

Isn't assuming either of these things prejudiced (and dare I say perhaps even racist) against both Americans and Europeans?

Europe is always ready to save white people by beansniffer in c/[email protected]
[-] [email protected] 0 points 2 years ago

Europe is always ready to save white people

You make that sound like its racist for European countries wanting to help out a European neighbor. It isn't.

What are easy to present criticisms of mainstream outlets like BBC and CNN? by beansniffer in c/[email protected]
[-] [email protected] 0 points 2 years ago

Take a topic that you know. Something related to your field of work, or your special interest, whatever. Now watch a news video about that topic and notice how laughably wrong they get even basic details. Most people can relate to how wrong the media gets on a topic they're intimately familiar with but then also think they get topics right when talking about other things like world affairs.

Is there a piracy solution as boomer friendly as Stremio? by beansniffer in c/[email protected]
[-] [email protected] 1 points 2 years ago* (last edited 2 years ago)

Stremio is essentially a glorified torrent client with a nice UI. It runs locally on a device connected to the tv you want to stream to. It behind the scenes searches trackers and downloads from torrents of the content someone wants to watch in a netflix like UI. Someone that wasn't technology literate wouldn't know they were pirating content from torrents if you didn't tell them.

A solution is that you manage the server and jellyfin and your friends/family connect to it.

While a self hosted solution like this would be nice, I would get messages everyday from friends and family frequently asking, "Can you add this movie to the server? Can you add this TV show to the server?" and they would eventually stop asking me and just pay for a streaming service if I forgot to fulfill every request. I would like to avoid having to manually add content to the server if my friends and family can just choose the content their wanting to watch themselves.

8
Is there a piracy solution as boomer friendly as Stremio? (lemmy.ml)
submitted 2 years ago by [email protected] to c/[email protected]
3 comments fedilink

Now normally I would just setup radarr, sonarr and the like on a seedbox or something if I were looking for a setup for myself, but my friends and family members can't handle something like that. Stremio with torrent addons offers a user friendly netflix-like experience but its not entirely opensource and I can't self host it.

Jellyfin seems to be a popular suggestion for user friendly software with a netflix-like interface but from what I can tell, there isn't automatic torrenting to match the convenience of stremio.

If a family member has to open a webpage or an app to pick out content, then wait for it to download fully, then open up the jellyfin UI to watch content, that might be too complicated for some of my elderly family members to achieve.

Is there an open source/self-hosting torrent/piracy solution that is comparable to stremio in regards to being boomer friendly? Thanks for your comments.

I live in a rural area 30+ miles (50+ KM) away from anything else without access public transportation. What are my options to get basic necessities like food without using a car? by beansniffer in c/[email protected]
[-] [email protected] 2 points 2 years ago

Your case, though, could be easily solved with trains easily solved

while I agree with a lot of your post (certainly more informative than the others), I disagree that the issue could be easily solved. There is a lack of political will (at best) and an outright hostility (at worst) to the very idea of trains and public transportation.

8
I live in a rural area 30+ miles (50+ KM) away from anything else without access public transportation. What are my options to get basic necessities like food without using a car? (lemmy.ml)
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
6 comments fedilink

Cargo e-bikes generally have a battery capacity limit of around 25 miles (which batteries aren't meant to be fully drained every time they're used anyway).

Any suggestions that don't include the use of cars in a carpool or moving?

Is "Fuck Cars" a pro-city/anti-rural philosophy?

beansniffer

joined 2 years ago