Ok i got luks keys working with help of this
https://unix.stackexchange.com/ques...d-debian-root-with-key-file-on-boot-partition
This is somehow overkill, it works with keyscripts, e.g.:
Code:
# this does not work (in initramfs):
# sdb1_crypt UUID=65fce98c-7240-4495-9622-f334c8b79c57 /boot/my.key luks
# but this does
sdb1_crypt UUID=9dc95441-91f0-4614-85eb-ee152b1a9cfc none discard,luks,keyscript=/boot/luks/ppscript.sh
Now of course if all you want to do is
echo
/ cat
another file within the script, up to you.EDIT: ok i've added initramfs option to both crypttab entries and this time both drives are decrypted at initramfs stage. I didn't know about this option, i must read about it more.
This is should not be necessary. Maybe you ran into this?
https://unix.stackexchange.com/a/736089
EDIT2: Ok it seems like BTRFS need special kernel parameter to behave such way. Which is somewhat reasonable ...
https://forum.proxmox.com/threads/btrfs-raid1-totally-useless.124075/
This is the same for mdadm. I personally prefer (with a regular machine) not to boot on a degraded array automatically - it forces you to act. It's a recovery situation in my view, handled manually.