Hi. I'm using Proxmox 6.1 with Debian buster as host (and as guest while this is possible). I use several containers and in one I need to have a crypted mount point (it could even be the whole container). So, I use a lvmthin for just the system and a non-lvmthin for the data, and this is what needs to be encrypted. I have the lvm for this data manually encrypted via luks and from the host I can manually open and mount, but now I need to use it as mount point. Here is where problems arise. I haven't found any doc about how to manage this, so if I can create a custom script that hook on startup where allows the pass to be typed via console (I don't want any automatic decryption and mount) this could do the work. I've also thought about opening permissions for the volume in the host, but I've found that error-prone because I don't there's a storage for the decrypted volume. So, I don't know how to name a script (if there's any predefined way) so only the specific vm can run this script, I guess via the VMID (and I think that in the old days with openvz this was easier). The main problem for this is that the device is unavailable from the guest container.
Also, as long as the lv is encrypted, I don't care the encryption method for the vm disk, for if there's some existing method that could work for this.
Has anybody faced this problem and solved successfully? Thanks in advance.
Also, as long as the lv is encrypted, I don't care the encryption method for the vm disk, for if there's some existing method that could work for this.
Has anybody faced this problem and solved successfully? Thanks in advance.