encfs always runs a configuration assistant when creating a new volume, so this needs to be done manually: systemctl stop postgresql@12-main mv /var/lib/postgresql /var/lib/postgresql.old encfs /var/lib/postgresql_encrypted /var/lib/postgresql --public Pick p (paranoia mode) and enter the password from the data bag twice mv /var/lib/postgresql/* /var/lib/postgresql/ systemctl start postgresql@12-main This is running on centaurus and is mounted automatically on boot by a system unit Refs #129
11 lines
244 B
Desktop File
11 lines
244 B
Desktop File
[Unit]
|
|
Description=EncFS for PostgreSQL data dir
|
|
Before=postgresql@12-main.service
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
ExecStart=/usr/local/bin/mount_pg_encfs
|
|
ExecStop=/bin/umount /var/lib/postgresql
|
|
[Install]
|
|
WantedBy=multi-user.target
|