Bcachefs: Difference between revisions
Add fsck example |
Auto decrypt and mount Bcache partition on boot |
||
| Line 206: | Line 206: | ||
=== Remote encrypted disk unlocking === | === Remote encrypted disk unlocking === | ||
See article on [[Remote disk unlocking#Bcachefs unlocking|remote disk unlocking]] for a guide on how to enable SSH decryption of Bcachefs enabled systems. | See article on [[Remote disk unlocking#Bcachefs unlocking|remote disk unlocking]] for a guide on how to enable SSH decryption of Bcachefs enabled systems. | ||
=== Automatically mount encrypted device on boot === | |||
Since the Bcachefs mount options do not support supplying a key file, we could use the <code>bcachefs</code> command and run it on boot using a [[Systemd]] unit:<syntaxhighlight lang="nix"> | |||
systemd.services."bcachefs-mount" = { | |||
after = [ "local-fs.target" ]; | |||
wantedBy = [ "multi-user.target" ]; | |||
script = '' | |||
#!${pkgs.runtimeShell} -e | |||
${pkgs.keyutils}/bin/keyctl link @u @s | |||
${pkgs.bcachefs-tools}/bin/bcachefs mount -f /etc/keyfile_test /dev/sda1 /mnt | |||
''; | |||
serviceConfig = { | |||
Type = "oneshot"; | |||
User = "root"; | |||
}; | |||
}; | |||
</syntaxhighlight>This example unit mounts the Bcachefs encrypted partition <code>/dev/sda1</code> to the target <code>/mnt</code> by using the key file <code>/etc/keyfile_test</code>. | |||
[[Category:Filesystem]] | [[Category:Filesystem]] | ||