feat: make docker run on zfs, add unlocking docs
This commit is contained in:
parent
b3e8e45966
commit
80328959af
|
@ -1,3 +1,9 @@
|
|||
# Unlocking the root partition on boot
|
||||
|
||||
After a boot, the encrypted root partition will have to be unlocked. This is done by accessing the server via SSH on port 2222. After connecting, paste the crypt passphrase you can find in the shared keepass. This will disconnect the SSH session right away and the server will keep booting into stage 2.
|
||||
After a boot, the encrypted root partition will have to be unlocked. This is done by accessing the server via SSH with user root on port 2222.
|
||||
|
||||
```
|
||||
ssh root@nachtigall.pub.solar -p2222
|
||||
```
|
||||
|
||||
After connecting, paste the crypt passphrase you can find in the shared keepass. This will disconnect the SSH session right away and the server will keep booting into stage 2.
|
||||
|
|
|
@ -108,6 +108,7 @@
|
|||
extraOptions = ''
|
||||
--data-root /var/lib/docker
|
||||
'';
|
||||
storageDriver = "zfs";
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
@ -154,6 +155,7 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes = self.pub-solar.lib.deploy.mkDeployNodes self.nixosConfigurations {
|
||||
nachtigall = {
|
||||
sshUser = username;
|
||||
|
|
|
@ -28,6 +28,11 @@
|
|||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/var/lib/docker" =
|
||||
{ device = "root_pool/data/docker";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot1" =
|
||||
{ device = "/dev/disk/by-uuid/5493-EFF5";
|
||||
fsType = "vfat";
|
||||
|
|
Loading…
Reference in a new issue