add new blog entry about encryption
This commit is contained in:
Nico Schottelius
parent
3adc6ed393
commit
b29c45ef07
2 changed files with 65 additions and 6 deletions
|
|
@ -0,0 +1,59 @@
|
|||
[[!meta title="How to enable encrypted swap in Alpine Linux"]]
|
||||
|
||||
## TL;DR
|
||||
|
||||
There is no TL;DR, because it is so easy that any summary would be too
|
||||
long.
|
||||
|
||||
The steps are so simple:
|
||||
|
||||
### Edit /etc/conf.d/dmcrypt
|
||||
|
||||
Checkout the samples and enable swap like this:
|
||||
|
||||
swap=crypt-swap
|
||||
source='/dev/nvme0nXXX'
|
||||
|
||||
(obviously set the correct *source* device)
|
||||
|
||||
### Start dmcrypt
|
||||
|
||||
Run
|
||||
|
||||
/etc/init.d/dmcrypt start
|
||||
|
||||
### Enable swap
|
||||
|
||||
swapon /dev/mapper/crypt-swap
|
||||
|
||||
|
||||
### Make it persistent
|
||||
|
||||
# Enable automatic start
|
||||
rc-update add dmcrypt
|
||||
|
||||
# Enable automatic swapon
|
||||
echo /dev/mapper/crypt-swap swap swap defaults 0 0 >> /etc/fstab
|
||||
|
||||
## Background
|
||||
|
||||
Until today I did not know (or care) how to enable swap in Alpine
|
||||
Linux. As firefox (sic!) is killing my system more often these days, I
|
||||
decided to enable swap using a partition I left for it some years ago.
|
||||
|
||||
As I did not know how it works, I grep'ed for crypt through
|
||||
/etc/init.d, found the dmcrypt init script quickly which references
|
||||
/etc/conf.d/dmcrypt. I opened the config file and within minutes my
|
||||
encrypted swap was up.
|
||||
|
||||
Note that above instructions will reset/re-encrypt swap on every boot
|
||||
and thus no suspend to disk works with it. That's fine with me, as
|
||||
that is not a feature I am ever going to use.
|
||||
|
||||
The point I need to make is that at the moment there is no single
|
||||
other Linux distribution out there that I know off that is allowing me
|
||||
to make changes, even those which I don't know yet how to, that easily
|
||||
and I want to say many thanks for keeping Alpine Linux as simple as
|
||||
other Linux distributions used to be in the 90's.
|
||||
|
||||
[[!tag alpinelinux security]]
|
||||
|
|
@ -16,9 +16,9 @@ use IkiWiki::Setup::Standard {
|
|||
# users who are banned from the wiki
|
||||
banned_users => [],
|
||||
# where the source of the wiki is located
|
||||
srcdir => '/home/nico/nico.schottelius.org',
|
||||
srcdir => '/home/nico/vcs/www.nico.schottelius.org',
|
||||
# where to build the wiki
|
||||
destdir => '/home/services/www/nico/www.nico.schottelius.org/www',
|
||||
destdir => '/tmp/www.nico.schottelius.org',
|
||||
# base url to the wiki
|
||||
url => 'https://www.nico.schottelius.org/',
|
||||
# url to the ikiwiki.cgi
|
||||
|
|
@ -284,9 +284,9 @@ use IkiWiki::Setup::Standard {
|
|||
# extra template directories to add
|
||||
#add_templates => [qw{/home/users/nico/.ikiwiki/templates}],
|
||||
|
||||
git_wrapper => '/home/services/git/nico.schottelius.org/hooks/post-update',
|
||||
git_wrappermode => '06755',
|
||||
gitorigin_branch => 'origin',
|
||||
gitmaster_branch => 'master',
|
||||
# git_wrapper => '/home/services/git/nico.schottelius.org/hooks/post-update',
|
||||
# git_wrappermode => '06755',
|
||||
# gitorigin_branch => 'origin',
|
||||
# gitmaster_branch => 'master',
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue