Disk encryption

Summary
Yunohost needs to offer disk encryption to the masses.

Problem
I see no docs or FAQ about disk encryption. If your Raspberry holds all your valuable data and somebody steals it, he’ll have it all!
OTOH, if you are not careful, you could lose it yourself.

Solution
Yunohost should offer disk encryption. Encrypting data should be enough. Behind the scenes it could use a partition, or could create a block device and mount it (if partitioning is too much).

UX
When encrypting, the UI would ask you for a password or let you plug in a USB drive to be used as the decryption key. It would also ask you for the size, and explain the pros and cons in an understandable way.
When blocked, the UI would display a message asking your encryption password or telling you to plug in your security USB drive.
Another UI should let you modify the password or USB drive.

Alternatives
No encryption. Not a good one, though. Current situation.
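The mechanism proposed above (encrypt a block device rather than repartition, unlock with either a password or a USB key, and change the password later) maps directly onto LUKS with cryptsetup. The script below is an added example, not YunoHost code or anything from this thread: it creates a file-backed LUKS container, registers a passphrase slot and a USB keyfile slot, opens and mounts it with either credential, and changes the passphrase. It assumes Linux with cryptsetup and mkfs.ext4 installed and root privileges; the function names, the `yh_data` mapper name and the `/media/usb/yunohost.key` path are placeholders chosen for the example.

```shell
#!/bin/sh
# Added example (not YunoHost code): the proposed encryption UX on top of LUKS/cryptsetup.
# Assumes cryptsetup, mkfs.ext4 and root; all paths and names are placeholders.
set -eu

# Returns 0 when the tools and privileges LUKS needs are available, 1 otherwise.
luks_prereqs_ok() {
    [ "$(id -u)" -eq 0 ] || return 1
    command -v cryptsetup >/dev/null 2>&1 || return 1
    command -v mkfs.ext4 >/dev/null 2>&1 || return 1
    [ -e /dev/mapper/control ] || return 1
}

# "Create a block device and mount it": a file-backed LUKS container.
#   $1 container file, $2 size (e.g. 128M), $3 file holding the passphrase,
#   $4 path on the USB drive where a random keyfile is written, $5 mapper name.
# The passphrase goes in key slot 0; the USB keyfile is added as a second slot so
# either one unlocks the volume (losing the USB drive does not lose the data).
encrypted_volume_create() {
    container=$1; size=$2; passfile=$3; usbkey=$4; name=$5
    truncate -s "$size" "$container"
    chmod 600 "$container"
    cryptsetup luksFormat --batch-mode --key-file "$passfile" "$container"
    head -c 512 /dev/urandom > "$usbkey"
    chmod 600 "$usbkey"
    # Existing key (passphrase) authorises adding the new key (USB keyfile).
    cryptsetup luksAddKey --key-file "$passfile" "$container" "$usbkey"
    # cryptsetup attaches a loop device to the file by itself; format the mapping.
    cryptsetup open --key-file "$passfile" "$container" "$name"
    mkfs.ext4 -q "/dev/mapper/$name"
    cryptsetup close "$name"
}

# "When blocked, ask for the password or the USB drive": unlock with whichever
# credential file is given ($2) and mount the volume at $4.
encrypted_volume_open() {
    container=$1; keyfile=$2; name=$3; mnt=$4
    cryptsetup open --key-file "$keyfile" "$container" "$name"
    mkdir -p "$mnt"
    mount "/dev/mapper/$name" "$mnt"
}

# Lock the volume again: unmount, then remove the mapping (key leaves kernel memory).
encrypted_volume_close() {
    name=$1; mnt=$2
    umount "$mnt"
    cryptsetup close "$name"
}

# "Another UI should let you modify the password": replace the passphrase slot.
# The old passphrase ($2) authorises the change; the USB keyfile slot is untouched.
encrypted_volume_change_passphrase() {
    container=$1; oldpass=$2; newpass=$3
    cryptsetup luksChangeKey --key-file "$oldpass" "$container" "$newpass"
}

# Stand-alone walk-through (run as root): sh this_script.sh demo
if [ "${1:-}" = "demo" ]; then
    luks_prereqs_ok || { echo "need root, cryptsetup and mkfs.ext4" >&2; exit 1; }
    work=$(mktemp -d)
    printf 'correct horse battery staple' > "$work/pass"   # constructed passphrase
    encrypted_volume_create "$work/data.img" 128M "$work/pass" "$work/usb.key" yh_data
    encrypted_volume_open "$work/data.img" "$work/usb.key" yh_data "$work/mnt"   # USB unlock
    echo "secret" > "$work/mnt/note.txt"
    encrypted_volume_close yh_data "$work/mnt"
    printf 'new passphrase' > "$work/pass2"
    encrypted_volume_change_passphrase "$work/data.img" "$work/pass" "$work/pass2"
    encrypted_volume_open "$work/data.img" "$work/pass2" yh_data "$work/mnt"     # password unlock
    cat "$work/mnt/note.txt"
    encrypted_volume_close yh_data "$work/mnt"
fi
```

The container file itself is what an attacker who steals the disk gets: without a slot credential it is ciphertext plus a LUKS header, so the passphrase strength and the physical custody of the USB keyfile are the whole security boundary. On a real deployment the keyfile would live on the removable drive (the `/media/usb/yunohost.key` idea from the proposal) and the container on the data disk, not both in one temporary directory as in the demo.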

This is, I think, a quite complex question.
On my side, I encrypted 2 disks on my server (root and data, backups are not on an encrypted disk but are encrypted on their own), but I did this manually.

You cannot know in advance how YunoHost will be used, on which hardware, with how many disks, the importance of each disk, the access the admin has to the machine, etc…

For example, for a few years, I had a backup server as a raspi + external HDD at my father’s house.
In this case, the root partition should not be encrypted because I would have no way to enter the password on boot.

In my current state, 2 out of 4 disks need encryption (no need to encrypt twice).

If you only have 1 disk and want to encrypt it, there is no way to have a web interface to enter the password as the web servers are on this disk and decryption is needed to have them.

So I think that this is way too complicated and dependent on the use cases to have a standard implementation :frowning_face:

A documentation to guide users would be great.

However, if we aim to give self-hosting sovereignty to non-techies, we need to make this straightforward and working out of the box, don’t you think?

Docs would be a good starting point indeed.

Hi,

Indeed, and as the devs are already overloaded with work, everyone is welcome to contribute to the documentation (including you :wink: ).

As for the automation of the server encryption, I don’t know. This would be awesome indeed. But that’s so complex to implement and there are so many corner cases (e.g. depending on the hardware, you have different kernel versions).

The project https://internetcu.be/ (basically Yunohost + vpnclient + hotspot on Lime 1/2) was offering the possibility to do an installation with full disk encryption (you could unlock your Yunohost via a web page), but it’s no longer supported. The maintainers got some big issues with a major upgrade of the Linux sunxi kernel.

So some work has already been done in the past to achieve this (only for the Lime 1 and 2), but it’s not sufficient to want it to happen; people have to give a considerable amount of time to implement this and, most importantly, to maintain it (or the average user could end up with a broken system that won’t even start up anymore).