Fix some things, and prepare for path-based activation. Also, comment
the buggy initial dir creation and explain manual provisioning in README
for now.
Usage: Add the kosmos_encfs::default recipe to the run list of a node.
Creating the encrypted directory will keep it mounted. After a reboot,
start the encfs service and enter the password:
```
$ systemctl start encfs
encfs password:
```
For now postgresql@12-main is a hardcoded dependency of the encfs
Systemd unit that is automatically started once the user inputs the
correct password. This list of dependency will need to be different for
every server, based on the services it is running
encfs always runs a configuration assistant when creating a new
volume, so this needs to be done manually:
systemctl stop postgresql@12-main
mv /var/lib/postgresql /var/lib/postgresql.old
encfs /var/lib/postgresql_encrypted /var/lib/postgresql --public
Pick p (paranoia mode) and enter the password from the data bag twice
mv /var/lib/postgresql/* /var/lib/postgresql/
systemctl start postgresql@12-main
This is running on centaurus and is mounted automatically on boot by a
system unit
Refs #129
Basti
Greg