harddrive_setup
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
harddrive_setup [2011/11/01 09:01] – DPtIpDIAoGo 81.186.131.176 | harddrive_setup [2021/02/01 05:55] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | It was dark when I woke. This is a ray of snushnie. | + | ====== 2 x 3TB + GPT + Grub2 + RAID + LVM + ENCRYPTION ====== |
+ | |||
+ | The idea is to have two harddrives in mirror mode with complete system encryption. | ||
+ | For each harddrive we need a BIOS boot partition with grub core.img stuff in them. They have to be configured and installed (in grub) in such a way that each harddrive can boot from itself. | ||
+ | I have decided to have the swap partitions not in any RAID configuration. Each harddrive will have a separated swap partition, each swap will be encrypted with a random key. | ||
+ | The rest of the disk is the whole linux system (including /boot). This is going to be a RAID1 (copy) with a LVM on top (to allow future extension) and encryption on top. | ||
+ | |||
+ | In each harddrive do the following: | ||
+ | |||
+ | * Create GPT partition table with gdisk. (Check that the alignment is to 2048-sectors for 4Kb harddrives, if not set it like that) | ||
+ | * Create a BIOS boot partition | ||
+ | * Create a Linux swap partition (2G) | ||
+ | * Create a Linux RAID partition (the rest of space) | ||
+ | |||
+ | Now in the first harddrive do: | ||
+ | |||
+ | * Create the Linux RAID1 device: | ||
+ | |||
+ | mdadm --create md0 --level=1 --raid-devices=2 -R /dev/sdf3 missing | ||
+ | |||
+ | * Replace " | ||
+ | |||
+ | * For some reason the drive is read only still: | ||
+ | |||
+ | md0 : active (auto-read-only) raid1 sdf3[0] | ||
+ | ?????? blocks super 1.2 [2/1] [U_] | ||
+ | |||
+ | * Make it read/ | ||
+ | |||
+ | mdadm --readwrite /dev/md/md0 | ||
+ | |||
+ | * Update / | ||
+ | |||
+ | mdadm --examine --scan >> / | ||
+ | |||
+ | * Create an LVM2 logical block device on top of this RAID: | ||
+ | |||
+ | pvcreate / | ||
+ | vgcreate test / | ||
+ | lvcreate -l 100%VG -n root test | ||
+ | |||
+ | * Create a dm-crypt on top of the LVM: | ||
+ | |||
+ | modprobe sha512_generic | ||
+ | modprobe aes_generic | ||
+ | modprobe aes-x86_64 | ||
+ | cryptsetup -y luksFormat / | ||
+ | |||
+ | * Activate dm-crypt: | ||
+ | |||
+ | cryptsetup luksOpen / | ||
+ | |||
+ | * Create ext4 partition: | ||
+ | |||
+ | mkfs.ext4 / | ||
+ | |||
+ | |||
+ | In this moment the disk is ready for installing software on it. What I'm trying to do is to copy my old harddrive installation into this new system. I will probably copy this using rsync, but first I want to check if the ext4 filesystem can be seen by grub2. I plan to test this from the grub console on my currently running system. | ||
+ | |||
+ | ===== Important commands ===== | ||
+ | |||
+ | blkid - lists uuids of block devices, could be useful for configuring grub. | ||
+ | grub-mkdevicemap - could be necessary if you add more harddrives and want to install grub in the new harddrives. | ||
+ | |||
+ | |||
+ | |||
+ | |
harddrive_setup.1320138087.txt.gz · Last modified: 2021/02/01 05:55 (external edit)