1
0
Fork 0
forked from pub-solar/infra

feat: make docker run on zfs, add unlocking docs

This commit is contained in:
Benjamin Bädorf 2023-10-29 20:33:11 +01:00 committed by b12f
parent a10d77dcf6
commit f013c6e3f8
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873
3 changed files with 14 additions and 1 deletions

View file

@ -1,3 +1,9 @@
# Unlocking the root partition on boot
After a boot, the encrypted root partition will have to be unlocked. This is done by accessing the server via SSH on port 2222. After connecting, paste the crypt passphrase you can find in the shared keepass. This will disconnect the SSH session right away and the server will keep booting into stage 2.
After a boot, the encrypted root partition will have to be unlocked. This is done by accessing the server via SSH with user root on port 2222.
```
ssh root@nachtigall.pub.solar -p2222
```
After connecting, paste the crypt passphrase you can find in the shared keepass. This will disconnect the SSH session right away and the server will keep booting into stage 2.

View file

@ -107,6 +107,7 @@
extraOptions = ''
--data-root /var/lib/docker
'';
storageDriver = "zfs";
};
services.openssh.enable = true;
@ -153,6 +154,7 @@
};
};
};
deploy.nodes = self.pub-solar.lib.deploy.mkDeployNodes self.nixosConfigurations {
nachtigall = {
sshUser = username;

View file

@ -28,6 +28,11 @@
fsType = "zfs";
};
fileSystems."/var/lib/docker" =
{ device = "root_pool/data/docker";
fsType = "zfs";
};
fileSystems."/boot1" =
{ device = "/dev/disk/by-uuid/5493-EFF5";
fsType = "vfat";