summaryrefslogtreecommitdiff
path: root/vmdb/plugins/luks.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'vmdb/plugins/luks.mdwn')
-rw-r--r--vmdb/plugins/luks.mdwn33
1 files changed, 0 insertions, 33 deletions
diff --git a/vmdb/plugins/luks.mdwn b/vmdb/plugins/luks.mdwn
deleted file mode 100644
index 663d7b7..0000000
--- a/vmdb/plugins/luks.mdwn
+++ /dev/null
@@ -1,33 +0,0 @@
-Step: luks
------------------------------------------------------------------------------
-
-Set up disk encryption using LUKS with the `cryptsetup` utility. The
-encryption passphrase is read from a file or from the output of a
-command. The encrypted disk gets opened and can be mounted using a
-separate tag for the cleartext view.
-
-Step keys:
-
-* `cryptsetup` — REQUIRED; value is the tag for the encrypted
- block device. This is not directly useable by users, or mountable.
-
-* `tag` — REQUIRED; the tag for the de-crypted block device.
- This is what gets mounted and visible to users.
-
-* `key-file` — OPTIONAL; file from where passphrase is read.
-
-* `key-cmd` — OPTIONAL; command to run, passphrase is the first
- line of its standard output.
-
-Example (in the .vmdb file):
-
- - cryptsetup: root
- tag: root_crypt
- key-file: disk.pass
-
-Same, except run a command to get passphrase (in this case
-[pass](https://www.passwordstore.org/)):
-
- - cryptsetup: root
- tag: root_crypt
- key-cmd: pass show disk-encryption
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-07 15:10:25 +0000