Single disk proxmox setup, how to encrypt and share a larger chunk of the disk with multiple VMs and other devices on the network?

lilycat

Feb 22, 2021
I acquired a Tiny/Mini/Micro PC to be my starter homelab, nothing fancy, just a 4-core i5 from 2012 and 16GB non-ECC DDR3 with a 1TB SATA SSD (the SSD cost almost as much as the PC itself).

Goal is for this to be various things including PiHole, backup of other devices, log collection and analysis (maybe, depends how much it will write to the SSD), image storage and browsing (using photoprism probably), a rarely used Win10 VM (I run linux on desktop so it will only be spun up when needed for something windowsy), and don't know what else.

I installed proxmox using ext4 and LVM using defaults.

Now, I want to share a good chunk of this SSD, perhaps 500-600GB with various VMs and containers, and to be able to connect to this chunk from my desktop as well. To make things complicated I want this volume to be encrypted (I guess using LUKS), and to be able to mount different directories in this volume on different CTs/VMs, for example my photo storage VM/CT doesn't need to see my documents backup folder, there should be a way to mount only the specifics and to prevent access to other parts via permissions or passwords.

I want to avoid installing FreeNAS or the like into a VM, given they are resource hungry and my resources are limited on this tiny thing. I tried looking in the proxmox GUI at the Directory and NFS and mount points but didn't really see what I need.

First, I'm thinking that I perhaps messed up by installing using defaults, that I should have not let this chunk of space I need be part of local-lvm where disk images are stored. That I maybe should have left this space out of the initial installation and then created a LUKS partition manually and then perhaps added it as an NFS share in the GUI after I manually mount it, does this sound right? I can either repartition or reinstall, it's not a big deal. Not quite sure how this would work after a reboot with having to decrypt the drive manually first. It would be nice if this chunk could later be expanded/shrunk as needed, but not absolutely necessary as it sounds like asking for too much.

Another idea I had is perhaps a lightweight linux VM that would be given this partition as a physical disk passthrough and use full-disk encryption LUKS in there and then share it via NFS manually which would use less resources than a full-blown GUI-based NAS VM, but this seems also like a waste of resources given that proxmox has an NFS feature already.

I could just LUKS the entire proxmox install, but then I lose the ability to unlock it remotely in case of power loss.

Any advice or ideas or best practices to do something like this in proxmox without wasting too many limited resources? Seems to me like repartitioning and passing this partition as a block device to a VM to be further shared via NFS is a reasonable choice?
 
Anything LUKS will certainly not be supported well or at all by the PVE GUI, but if you're comfortable with the CLI it's certainly doable. You'd have to manually unlock the encrypted partition and only then start any VMs/CTs that require it though. (can be scripted via our tooling, check 'man qm' and 'man pct' for starters)

For containers, you can do a bind mount to access certain directories only, though keep in mind that you might have to fiddle with the user id mapping to get usable permissions then. This does not work for VMs, and while virtio-fs has been floating around for a while now, it's not natively supported by PVE - so your best bet is probably NFS or some other network protocol as you suspected.

Keep in mind that PVE is based on regular Debian, so you can just install and run the NFS server directly on there as well, then you don't need a separate NFS server CT/VM.

Resizable is mostly a problem on the LUKS layer, but it *should* be possible with some fiddling (I believe I have successfully resized some LUKS stuff in the past, though I forgot how exactly...).
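
The unlock-then-start order described in the reply above, sketched as an added example that is not part of the original thread or of Proxmox's own tooling. The device path, mapping name, mount point and guest IDs are assumptions to replace with your own, and the script only prints its plan unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example: unlock a LUKS data volume on the PVE host, then start the
# guests that depend on it. All values below are assumed placeholders.
LUKS_DEV="${LUKS_DEV:-/dev/pve/shared}"   # assumed LV holding the LUKS container
MAP_NAME="${MAP_NAME:-shared_crypt}"      # assumed device-mapper name
MOUNT_DIR="${MOUNT_DIR:-/srv/shared}"     # assumed mount point on the host
CT_IDS="${CT_IDS:-101 102}"               # assumed container IDs
VM_IDS="${VM_IDS:-200}"                   # assumed VM IDs
DRY_RUN="${DRY_RUN:-1}"                   # 1 = print commands, 0 = execute

# One-time setup, done by hand (paths are assumptions):
#   pct set 101 --onboot 0     # do not autostart before the volume is unlocked
#   pct set 101 -mp0 /srv/shared/photos,mp=/mnt/photos   # expose one directory
# For VMs, export individual directories in /etc/exports instead.

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

unlock_and_start() {
    # 1. Unlock interactively. cryptsetup prompts for the passphrase, so no
    #    key file has to sit on the unencrypted root filesystem.
    if [ ! -e "/dev/mapper/$MAP_NAME" ]; then
        run cryptsetup open "$LUKS_DEV" "$MAP_NAME" || return 1
    fi
    # 2. Mount the decrypted mapping unless it is already mounted.
    if ! mountpoint -q "$MOUNT_DIR" 2>/dev/null; then
        run mount "/dev/mapper/$MAP_NAME" "$MOUNT_DIR" || return 1
    fi
    # 3. Re-read /etc/exports so the host NFS server serves the directories.
    run exportfs -ra || return 1
    # 4. Start dependent guests only after the storage is available.
    for id in $CT_IDS; do run pct start "$id" || return 1; done
    for id in $VM_IDS; do run qm start "$id" || return 1; done
}

unlock_and_start
```

Because the passphrase is typed over SSH after boot, the host itself can still come up unattended after a power loss while the data volume stays locked until you unlock it.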
 
