Hey everyone.
I’m looking to setup a workstation on tumbleweed for general home/work use, with some vms and containers to host some home media and documents, etc.
Basically I only have one new piece of hardware to do it on, so I’m going to try to make one piece of hardware do it all.
I have a couple of questions:
I’m wondering if btrfs is suitable performance wise for a few vms and containers (nextcloud, some media solution for phones, and small few user database development workloads), OR do I need to go through the trouble of splitting my 2 TB nvme disk that the OS is on into btrfs and lvm/xfs?
(i.e. should I just take the guided btrfs setup and soldier on?)
Currently I am struggling to find a way in the installer to mount an encrypted lvm partition at boot time. Does the installer support this?
(In the past I’ve done it manually with distros like arch, but, I took the simple approach of just using a hidden file with plain text password, with the assumption that someone has to type in a password to boot from root anyway).
I don’t think I have a tpm, because at the time I bought my mobo, the chips were in short supply.
Does anyone bother encrypting swap? or /boot? (if thats even possible)
Strangely enough I couldn’t seem to find a way to create a filesystem on a logical volume outside of the OS partition in the installer either. Is there a way to do this?
I cannot comment on “btrfs” performance, since I have mainly used “ext4” here.
I have never had a problem with encrypted “lvm”. I’ve been doing that for maybe 15 years (LUKS encryption). When the Yast installer starts, it prompts for encryption passphrase. And then the lvm volumes are shown in expert partitioner and can be selected for the install.
Yes, I encrypt swap – as part of the encrypted LVM. On some of my systems, “/boot” is part of the encrypted root file system. On others, I leave “/boot” unencrypted.
When I use the Yast expert partitioner, there is an option to encrypt a partition. I select the partitition and click on “Edit” and it gives me that option in the panel to format the partition.
Do you use snapper with lvm thin pools to do entire system rollbacks (like is advertised with btrfs)?
Have you ever had issues in a power outage? (i.e. the suse manual mentions that lvm is prone to data loss in a power outage, which I’ve never seen in the friendly manuals before).
I tried using thin pools just once. And that happened to be on a system where I wanted “/boot” to be part of the encrypted root file system. It turned out that “grub” cannot handle thin provisioning.
Only once. On that occasion it booted to “emergency” mode. I had to boot from the install media, manually unlock the encrypted LVM, and then run “fsck” on the root volume.