On 04/19/2022 09:57 AM, Roberto Ragusa wrote:> On 4/18/22 1:27 PM, H wrote:
>> I have a new computer with 2 x 2TB SSDs where I wanted to install C7
and use mdadm for RAID1 configuration and encrypting the /home partition. On the
net I found
https://tuxfixer.com/centos-7-installation-with-lvm-raid-1-mirroring/ which I
adopted slightly with respect to partition sizes, using RAID1 for /boot and
/root as well and added the /home partition with RAID1 and chose to have /home
encrypted.
>
> It may be a good idea to also have / and swap encrypted, since user data
can go there easily
> (logs, locatedb, swapped mem).
>
> I would do:
> - /boot as a separate RAID1 (md1=sda1+sdb1)
> - then another RAID1 (md2=sda2+sdb2) using all the remaining disk
> - luks on top of md2, giving you luks-xxxxx
> - LVM with a PV on luks-xxxxx
> - VG and LVs for swap, / and /home (do not assign all the available space
now, especially if using xfs as filesystem)
>
> Not sure if you can do this setup through the installer, you have to try
(in a VM maybe).
>
> Regards.
>
Thank you. I will have time to get back to this system tomorrow to try this.