Hi There
I changed to Manjaro some days ago and really really like it.
Since my setup contains 2x2 harddrives which are mirrored (Raid1) in pairs, i liked to install this in my new environment.
So I’ve spent hours with trying to setup just one Raid, but none of the tips / tutorials in the net really functioned. I could post lots of information about what I’ve did in variation. General Problem was just the disappearing of the whole raid after reboot although i altered /etc/fstab and /etc/crypttab. Some possible problems would be permissions on the drive / mountpoint, but since I’ve also tried chmod 777 and owner and group is my user, I do not really know what to do.
Here’s the goal: two pairs of harddrives setup in Raid1 each pair. As the “used partition” (of both raids) i would like to use LUKS encryption for my data. Naturally i would like to mount at boot, and optionally use a key file for not beeing forced to type all passphrases each time i boot.
=> Is there any way to do this, and how would i professionally do the setup?
All together, as in “RAID-10”, or literally two pairs of RAID-1 arrays that are kept separate?
Are you trying to also install Manjaro’s root to an encrypted LUKS container that sits atop a RAID array? Or are you only using the RAID array(s) for user data, while the root partition will be installed to its own SSD/HDD?
Keep in mind you don’t want to make things overly complex if there’s a simpler alternative.
Ok.
1.) System itself is totally seperate from those drives. some ssd, just OS. → But system ssd is also encrypted with luks, setup while installing the manjaro (with the assistant). So the HDDs are just for user data. I just want to be able to change the whole OS in “emergency” without loss of user data.
2.) So I’m talking of raid1 / mirrors which contain exactly 2 HDDs. Sorry for that. I have an Amount of 4 physical HDDs which I want to split in 2 pairs. Each pair of HDDs should be setup as Its OWN RAID1 device. At the end, i would have two “logical” (raid)devices, which each contain 2 physical HDDs. Hope it’s clearer now.
That makes things much less complex. What about your /home/ path? Is it also on this SSD?
I don’t understand this part. As in you want to be able to use the RAID-1 arrays on any Linux system?
mdadm can stop/start arrays on any Linux system, so long as the underlying devices are present and healthy. The same is true for a LUKS container, so long as you have access to the keyfile and/or passphrase. In fact, to be safe, I highly recommend you have at least two keyslots being used, with one using a passphrase. This way if you lose the keyfile, you can still unlock the LUKS container with your passphrase.
That’s perfectly reasonable, and you can have them mounted to /data/array0 and /data/array1 for example.
You have to create the array with mdadm. Now you’ll have a “block device” (in this case a software RAID array), such as md0. On md0 you will create a LUKS container. On this container, perhaps crypto_md0, you will format an Ext4 or XFS filesystem. It’s safer to work with UUIDs and disk-labels, rather than boot-assigned “sda, sdb, sdc, etc” since it will assure the correct block devices are used everytime and on every system.
Then it’s a matter of creating and placing the keyfile on the root filesystem, such as /keyfile_crypto_md0.bin, and specifying the file in the crypttab to unlock the LUKS container. Then in your fstab you add an entry to mount the unlocked LUKS container (/dev/mapper/crypto_md0), or whatever, to /data/array0. And so on.
1.) Common /home is on SSD. but i would not store any data there. i just use the OS SSD for applications + OS, nothing more.
2.) Don’t know if it must be “any” linux system. i just guessed, that since I would use software raid, Data would be simply recoverable on any other system supporting EXT4 resp. LUKS. So I also should be able to / could “recover” my data on a (one of the) single (!) drive(s) and make another setup / rearrangement etc…
3.) Did not think about loosing a keyfile… .perhaps i will just use a passphrase. Kind of plodding, but who cares.
4.) Your Description of setup: Kind of what i’ve done, except to the keyfile which i’ve not used. Just get “Timed out waiting for md0” during boot. but perhaps there was really a mistake in fstab/crypttab entries.
@Hilbert used “emergency” in the non-technical sense. They meant “emergency” as in “If I ever have to remove my drives from this system and install them into another computer; or install a new Linux distro; or boot into a live USB; I want to still be able to access my data.”
What does your mdadm.conf, crypttab, and fstab look like now? That might explain why you don’t have an active array upon bootup.
Hi there
My crypttab + fstab is now “empty” except for the entries of my ssd / boot drive.
So i’ve deleted the entries of the raid, because my system was not bootable.
mdadm.conf looks empty, since all lines are commented out.
only not-comment line is: DEVICE partitions
i didn’t knew this file. perhaps the problem is, that md0 is not referenced in this file? since i’ve created the raid already, shoudn’t there be an entry independent from boot information?
Do one need to manually configure this file?
What about your