systemd mount before cryptsetup.target
by wvv from LinuxQuestions.org on (#5S7DS)
Hello Guys,
I am slowly getting to grips with systemd and thought about decrypting my local luks volume with a keyfile stored on an nfs share. The idea is that the share itself should get mounted at boot before cryptsetup.target
Now I'm not really sure if what I'm doing is a good approach or if it should be done another way.
I've managed to get it working with following .mount file:
Code:[Unit]
Description=LUKS key
Requires=nfs-client.target
Before=dev-mapper-DATA.device
Conflicts=umount.target
[Mount]
What=10.0.0.59:/key
Where=/key
Type=nfs
[Install]
WantedBy=basic.targetAlthough it additionally breaks the ordering cycle (probably cause of wrong order of the dependencies - normally cryptsetup.target starts long before network.target/nfs-client.target).
I'm wondering if it's even possible to order these units in a way that would ensure correct start of all services during boot?
The thing is that I have different data stored on the encrypted volume that should be available relatively early during boot process in order to prevent failure of services that depend on it (docker containers, VMs).
Thanks in advance for any pointers.
I am slowly getting to grips with systemd and thought about decrypting my local luks volume with a keyfile stored on an nfs share. The idea is that the share itself should get mounted at boot before cryptsetup.target
Now I'm not really sure if what I'm doing is a good approach or if it should be done another way.
I've managed to get it working with following .mount file:
Code:[Unit]
Description=LUKS key
Requires=nfs-client.target
Before=dev-mapper-DATA.device
Conflicts=umount.target
[Mount]
What=10.0.0.59:/key
Where=/key
Type=nfs
[Install]
WantedBy=basic.targetAlthough it additionally breaks the ordering cycle (probably cause of wrong order of the dependencies - normally cryptsetup.target starts long before network.target/nfs-client.target).
I'm wondering if it's even possible to order these units in a way that would ensure correct start of all services during boot?
The thing is that I have different data stored on the encrypted volume that should be available relatively early during boot process in order to prevent failure of services that depend on it (docker containers, VMs).
Thanks in advance for any pointers.