aaronlauterer/Arch-ZFSRoot encrypted with hibernation

## Arch-ZFSRoot encrypted with hibernation
#Addendum to https://gist.github.com/aaronlauterer/dc878ab3e048a8fcf032b2153c166603

# We want to have a swap partition next to the ZFS VDEV inside the encrypted partition to be able to resume from hibernate
# Using LVM for this is somewhat overkill and I am not sure how good an idea ZFS inside LVM is.
# Therefore we need to partition our cryptoroot until it looks something like the following:
$  lsblk
NAME              MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda                 8:0    0 119.2G  0 disk
|-sda1              8:1    0   512M  0 part  /boot
`-sda2              8:2    0 117.6G  0 part
  `-cryptoroot    254:0    0 117.6G  0 crypt
    |-cryptoroot1 254:1    0     9G  0 part  [SWAP]
    `-cryptoroot2 254:2    0 108.6G  0 part

# The big Problem here is that when opening a LUKS device the kernel doesn't look for partitions in it automatically.
# We need to call partprobe on the opened cryptoroot for the partitions to show up.
# To have this during bootup we need to create our own little hook which we will add to mkinitcpio.conf

# Partitions:
$ parted /dev/mapper/cryptoroot
(parted) mklabel gpt
(parted) mkpart.....
# 2 partitions, one slightly bigger than the amount of RAM for the swap partition, the other filling up the rest
# format is as swap
mkswap /dev/mapper/cryptoroot1
swapon /dev/mapper/cryptoroot1

# create the zpool as in the other document.
# when running genfstab we also need the line for the swap space:
genfstab -U -p /mnt | grep swap >> /mnt/etc/fstab

# once chrooted into the new ZFS file system we need to create our hooks
# /etc/initcpio/install/load_part:
-----------------------------
#!/bin/bash

build() {
        add_binary 'partprobe'

        add_runscript
}

help() {
        cat <<HELPEOF
Probes mapped LUKS container for partitions.
HELPEOF
}
-----------------------------
# /etc/initcpio/hook/load_part:
-----------------------------
run_hook() {
        partprobe /dev/mapper/cryptoroot
}
-----------------------------

# The HOOK line in /etc/mkinitcpio.conf should look like this now:
HOOKS="base udev autodetect modconf block keyboard encrypt load_part resume zfs filesystems"

# We now need to find out the UUID of the swap partition with blkid:
$ blkid
....
/dev/mapper/cryptoroot1: UUID="3fb22265-cf5d-4c93-a70b-5473228dfee3" TYPE="swap" PARTUUID="324eb4ac-1fd9-4d68-aca8-b42a81cbf25b"

# add it with the resume parameter to your refind_linux.conf
resume=UUID=<swap UUID>
	#Addendum to https://gist.github.com/aaronlauterer/dc878ab3e048a8fcf032b2153c166603

	# We want to have a swap partition next to the ZFS VDEV inside the encrypted partition to be able to resume from hibernate
	# Using LVM for this is somewhat overkill and I am not sure how good an idea ZFS inside LVM is.
	# Therefore we need to partition our cryptoroot until it looks something like the following:
	$ lsblk
	NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
	sda 8:0 0 119.2G 0 disk
	\|-sda1 8:1 0 512M 0 part /boot
	`-sda2 8:2 0 117.6G 0 part
	`-cryptoroot 254:0 0 117.6G 0 crypt
	\|-cryptoroot1 254:1 0 9G 0 part [SWAP]
	`-cryptoroot2 254:2 0 108.6G 0 part

	# The big Problem here is that when opening a LUKS device the kernel doesn't look for partitions in it automatically.
	# We need to call partprobe on the opened cryptoroot for the partitions to show up.
	# To have this during bootup we need to create our own little hook which we will add to mkinitcpio.conf

	# Partitions:
	$ parted /dev/mapper/cryptoroot
	(parted) mklabel gpt
	(parted) mkpart.....
	# 2 partitions, one slightly bigger than the amount of RAM for the swap partition, the other filling up the rest
	# format is as swap
	mkswap /dev/mapper/cryptoroot1
	swapon /dev/mapper/cryptoroot1

	# create the zpool as in the other document.
	# when running genfstab we also need the line for the swap space:
	genfstab -U -p /mnt \| grep swap >> /mnt/etc/fstab

	# once chrooted into the new ZFS file system we need to create our hooks
	# /etc/initcpio/install/load_part:
	-----------------------------
	#!/bin/bash

	build() {
	add_binary 'partprobe'

	add_runscript
	}

	help() {
	cat <<HELPEOF
	Probes mapped LUKS container for partitions.
	HELPEOF
	}
	-----------------------------
	# /etc/initcpio/hook/load_part:
	-----------------------------
	run_hook() {
	partprobe /dev/mapper/cryptoroot
	}
	-----------------------------

	# The HOOK line in /etc/mkinitcpio.conf should look like this now:
	HOOKS="base udev autodetect modconf block keyboard encrypt load_part resume zfs filesystems"

	# We now need to find out the UUID of the swap partition with blkid:
	$ blkid
	....
	/dev/mapper/cryptoroot1: UUID="3fb22265-cf5d-4c93-a70b-5473228dfee3" TYPE="swap" PARTUUID="324eb4ac-1fd9-4d68-aca8-b42a81cbf25b"

	# add it with the resume parameter to your refind_linux.conf
	resume=UUID=<swap UUID>