Created
April 18, 2024 11:08
-
-
Save NiceRath/9cb1dd43f6a7bf8c7074c86099d96b8d to your computer and use it in GitHub Desktop.
Luks Cryptmount - Resize encrypted LVM volume
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -eE -o pipefail | |
# to create such a volume - use: https://gist.github.com/NiceRath/c794caa26a28fc90fc628a047648722b | |
if [ $# -lt 3 ] | |
then | |
cat << EOF | |
You must provide: | |
1. -> the vg-name as argument 1 | |
2. -> the lv-name as argument 2 and | |
3. -> the resize amout as arugment 3 (p.e. '100GB') | |
Available volumes:" | |
EOF | |
lvscan | |
exit 1 | |
fi | |
set -u | |
VG_NAME=$1 | |
LV_NAME=$2 | |
RESIZE_AMOUNT=$3 | |
MAPPER_DIR='/dev/mapper' | |
LV_DEV="$MAPPER_DIR/$VG_NAME-$LV_NAME" | |
ENC_LV_NAME="crypt-$VG_NAME-$LV_NAME" | |
LV_DEV_ENC="$MAPPER_DIR/$ENC_LV_NAME" | |
KEY_DIR='<PATH-TO-KEY-DIR>' | |
GPG_FILE="${KEY_DIR}/<GPG-PASSPHRASE-FILE>" | |
KEY_HOST='<KEY-HOST>' | |
KEY_HOST_KEY_DIR='<KEY-HOST-DIR>' | |
KEY_SSH_USER='<KEY-HOST-USER>' | |
KEY_SSH_PORT='<KEY-HOST-SSH-PORT>' | |
KEY_SSH_KEY='<KEY-HOST-USER-SSH-KEY>' | |
# resize lvm lv | |
lvresize /dev/$VG_NAME/$LV_NAME --size +$RESIZE_AMOUNT | |
# resize crypto container | |
UUID=`cryptsetup luksUUID $LV_DEV` | |
KEY_FILE="$KEY_HOST_KEY_DIR/$UUID.key.asc" | |
KEY=`ssh -p $KEY_SSH_PORT -i $KEY_SSH_KEY $KEY_SSH_USER@$KEY_HOST "cat $KEY_FILE" | gpg --batch --yes --ignore-mdc-error --no-mdc-warning --no-tty --passphrase-file $GPG_FILE --quiet --decrypt` | |
echo $KEY | tr -d "\n" | cryptsetup resize $LV_DEV_ENC --key-file=- | |
# resize file system | |
resize2fs $LV_DEV_ENC | |
# output current lv's | |
echo "Resizing of volume $LV_DEV_ENC finished; Current size:" | |
lvscan |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment