Fellow selfhoster, do you encrypt your drives where you put data to avoid privacy problems in case of theft? If yes, how? How much does that impact performances? I selfhost (amongst other services) NextCloud where I keep my pictures, medical staff, …in short, private stuff and I know that it’s pretty difficult that a thief would steal my server, buuut, you never know! 🤷🏻‍♂️

  • @onlinepersonaEnglish
    05 months ago

    I did have to make sure some services were fault tolerant if an encrypted volume was unavailable when the OS booted

    How did you achieve that? systemd dependency?

    Anti Commercial-AI license

    • @[email protected]English
      25 months ago

      I’m pretty sure I didn’t mess with systemd, though that would probably be the right way to handle it.

      I was able to update a runtime config so if any storage wasn’t available it just halted the service. Then I created a short script I’d invoke manually which decrypted the luks drives and brought the dependent services up. I also added monitoring to alert me when the drives weren’t available for whatever reason.