Recent content by Bugbear

Hi @andre78, you need to catch up on the # Setup systemd service for automatic unlocking of rpool/data on boot section for automatic unlocking of rpool/data on boot. Otherwise you'd need to execute `zfs load-key -a` on every reboot.

Hi @dynostatic, I'm sorry for this issue. Please try the "Encrypt rpool/data" section before the "Prepare for chroot" section and thus before importing the pool. EDIT: I just updated the guide so this workaround won't be needed anymore. Should work flawlessly now.

Hey @Dunuin , thank you very much for the feedback! Dropbear is truely neat (and easy to set up with PrivSecs guide from above), personally I'll just use an IP-KVM. Good catch with rpool/data! Totally forgot that ... I just added it to the guide. As for the simplefb-module I wondered too...

Hello there! I really like the idea of having the full root-filesystem encrypted using native ZFS encryption (only). However, as I currently couldn't find any complete writeup on on this topic, here's what worked for me (with and without Secureboot on PVE 8.1): 1. Install with zfs (RAID0 for...

Hi! +1 from me too. Very happy to see this security feature in Proxmox :)

@Dunuin Ok, noted! However currently I have not (yet ..?.) got around to using clustering. PS: Applying ZFS encryption manually on top of PVE doesn't seem that hard, e.g. this guide.

I would have never thought of this :O Thank you so much @leesteken! Yeah ... of course it should be possible to do technically "RAID0" striping accross only one drive ... Genius ... Cheers!

Hi! I'm really wondering why the Proxmox Installation Wizard doesn't offer an option for ZFS without any RAID(Z) setup. Some benefits of ZFS rely heavily on RAID(Z), but many don't: Copy-on-write, integrity checksums, snapshot features, deduplication, native block-level encryption, etc...

Thank you for this update @tom! I really appreciate the efforts in this matter!

Hi! It's the first time, that I tried to install a Proxmox server with UEFI Secure Boot enabled today and realized that it would not work. Even the PVE8 docs (https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm#PVE_Kernel_fails_to_boot) tell that Secure Boot should just be...

Hi, While researching this I stumbled up on an older thread discussing bind mounts to Linux Containers and UID/GID mapping here. The unanswered question @John Driessen asked can't get out of my head: Normally when we think about unprivileged LXC it's ID on host = ID on guest + 100 000. But...

Ah, okaaay ... So to make sure I understood it correctly: Creating multiple VLAN sub-interfaces (vmbr0.100 & vmbr0.200) wouldn't make lots of sense as you (normaly) can only have one gateway for the PVE management, right? EDIT: I just realized myself that the above sentence is nonsense. In...

Still I'm not sure why you should create those VLAN sub-interfaces (vmbr0.100, vmbr0.200). What is the benefit of creating such a sub-interface inside of Proxmox when you also set the VID inside the VM settings?

Thanks @Dunuin! This makes perfectly sense ... As you (usually) should have only one default gateway. Sometimes you can't see the forest for the trees :)

What do you mean by that? Which of those (sub)interfaces will Proxmox use and is this configurable?