Last active
May 25, 2019 23:29
-
-
Save saponace/f2be6205bbd03e3a13250c9c57a83433 to your computer and use it in GitHub Desktop.
RAID1 disk setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Let /dev/sdb be the disk. | |
| # Create partition | |
| sudo cfdisk /dev/sdb -> cerate partition /dev/sdb1 | |
| # Initialize disk data with random bits | |
| sudo shred --verbose --random-source=/dev/urandom --iterations=3 /dev/sdb1 | |
| # Create the cryptographic device (leave hash and iter-time to default values if the drive will be mounted on a slow device) | |
| sudo cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 luksFormat /dev/sdb1 | |
| # Open device | |
| sudo cryptsetup open --type luks /dev/sdb1 DEVSDB1 | |
| # Format partition | |
| sudo mkfs.ext4 -L PARTITIONLABEL /dev/mapper/DEVSDB1 | |
| # Close device | |
| sudo cryptsetup luksClose DEVSDB1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let sdb and sdc be these two disks | |
| # encrypt the disks with luks (leave hash and iter-time to default values if the drive will be mounted on a slow device) | |
| sudo cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 luksFormat /dev/sdb | |
| sudo cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 luksFormat /dev/sdc | |
| # Unlock these two disks | |
| sudo cryptsetup luksOpen /dev/sdb sdbmapper | |
| sudo cryptsetup luksOpen /dev/sdc sdcmapper | |
| # Create the Btrfs RAID1 | |
| sudo mkfs.btrfs -L VOLUME_NAME -m raid1 -d raid1 /dev/mapper/sdbmapper /dev/mapper/sdcmapper | |
| # Mount one of the drives of the RAID1 | |
| sudo mount /dev/mapper/sdbmapper /mnt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let sdb and sdc be these two disks | |
| # Create the mdadm RAID1 | |
| sudo mdadm --create /dev/md0 --chunk=4 --level=1 --raid-devices=2 /dev/sdb /dev/sdc | |
| # OR assemble an existing array | |
| sudo mdadm --assemble --scan --verbose /dev/md0 /dev/sdb /dev/sdc | |
| # Encrypt the RAID array with luks (leave hash and iter-time to default values if the drive will be mounted on a weak cpu device) | |
| sudo cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 luksFormat /dev/md0 | |
| # Unlock the encrypted array | |
| sudo cryptsetup luksOpen /dev/md0 md0mapper | |
| # Format partition | |
| sudo mkfs.ext4 -L PARTITIONLABEL -b 4096 -E stride=8 /dev/mapper/md0mapper | |
| # Close device | |
| sudo cryptsetup luksClose md0mapper | |
| # DeOpen+mount partition | |
| sudo cryptsetup luksOpen /dev/md0 md0mapper | |
| sudo mount /dev/mapper/md0mapper /mnt | |
| # Umount+close partition | |
| sudo umount /mnt | |
| sudo cryptsetup luksClose md0mapper |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment