I havre a fresh installation of qubes running on my internal /dev/sda drive. Now, I have a secondary LUKS encrypted internal drive at /dev/sdb. What I want to do, is automatically mount the secondary drive at boot, and then be able to backup my qubes (Using qubes backup application) directly to the secondary encrypted drive.
I have followed the Example HDD setup for installing a secondary drive, but those instructions assume that you want to use the secondary drive to run current qubes off of, not a backup drive.
My problem is that when trying to add my secondary drive in the qubes backup tool, I don’t know the location of the secondary drive, and its path is not showing up in any directories. So essentially, I can’t save my backups to the external drive, because I don’t know where the external drive is actually mounting to. In regular ubuntu, i would just mount /dev/sdb to /mnt/secondaryDrive and then tell the backup tool to save its backups to /mnt/secondaryDrive. But for qubes, there is nothing in the instructions indicationg where your mounted crypted secondary volume can be located after mount.
-
What do I have to do (step by step instructions would be great), to automount the secondary encrypted disk at boot, and then back all of my qubes to the encrypted drive?
-
Are creating poolhd0 and vgcreate cubes necessary steps since I am only using this secondary drive as a backup drive and NOT as an extra main drive that stores currently working Qubes on?
-
How do the instructions in Example HDD setup differ from instructions I would need to create a dedicated backup drive for Qubes VM’s? Please write down step by step instructions if you can.
Thanks
Why not create an AppVM that will take all the space of the secondary storage and that is dedicated to this purpose? You will be able to use it easily with the Qubes backup tool.
Otherwise it’s more about LVM than Qubes itself? I guess you need to create a logical volume with something like this:
lvcreate -n internal_backup -V 100G --thinpool poolhd0 qubes
(After this step:)
sudo lvcreate -T -n poolhd0 -l +100%FREE qubes
You should be able to mount /dev/poolhd0/internal_backup …
1 Like
I’m not sure what you mean by making an AppVM that is “dedicated to this purpose”. What purpose? How can an appVM work in place of qubes backup tool to an extra internal hard drive?
Per the second configuration you suggested:
Will this be auto-mounted at boot, and will LUKS encryption still work when using the second option you posted?
@parulin probably means that you can create a dedicated AppVM on your secondary internal drive, and use it as a target for backups in the Qubes Backup tool.
Exactly, you need to create a new appVM with Create New Qube tool:
- change the name and the label to what you want
- select Launch Qube Settings after creation
- remove Network connection
- in Advanced options, select
poolhd0 as a Storage pool
Then, after creation, in the Settings: newqubename window:
- uncheck the Include in backups by default box
- set Private storage max size to the apropriate space for your backups
I never tried the second configuration with QubesOS but it’s not specific to this OS:
- follow the instructions in Example HDD Setup until the
qvm-pool commands (don’t use these commands)
- create a LVM logical volume inside the
poolhd0 thin pool with lvcreate
- create a filesystem on it (you can use
mkfs)
- edit
/etc/fstab to automount it
All the LVM thing happens inside the encrypted LUKS container.