On 04/19/2022 09:57 AM, Roberto Ragusa wrote:
On 4/18/22 1:27 PM, H wrote:
I have a new computer with 2 x 2TB SSDs where I wanted to install C7 and use mdadm for RAID1 configuration and encrypting the /home partition. On the net I found https://tuxfixer.com/centos-7-installation-with-lvm-raid-1-mirroring/ which I adopted slightly with respect to partition sizes, using RAID1 for /boot and /root as well and added the /home partition with RAID1 and chose to have /home encrypted.
It may be a good idea to also have / and swap encrypted, since user data can go there easily (logs, locatedb, swapped mem).
I would do:
- /boot as a separate RAID1 (md1=sda1+sdb1)
- then another RAID1 (md2=sda2+sdb2) using all the remaining disk
- luks on top of md2, giving you luks-xxxxx
- LVM with a PV on luks-xxxxx
- VG and LVs for swap, / and /home (do not assign all the available space now, especially if using xfs as filesystem)
Not sure if you can do this setup through the installer, you have to try (in a VM maybe).
Regards.
Thank you. I will have time to get back to this system tomorrow to try this.