echo YES | cryptsetup luksFormat "$LVPATH" "$KEYPATH"
cryptsetup --key-file "$KEYPATH" luksOpen "$LVPATH" "$(basename "$CRYPTPATH")"
shred -u "$KEYPATH"
-mkfs.xfs "$CRYPTPATH"
+mkfs.xfs -f "$CRYPTPATH"
# First make sure docker is not using /tmp, then unmount everything under it.
if [ -d /etc/sv/docker.io ]
then
sv stop docker.io || service stop docker.io || true
else
- service docker stop || true
+ systemctl disable --now docker.service docker.socket || true
fi
ensure_umount "$MOUNTPATH/docker/aufs"
mount -o ${MOUNTOPTIONS} "$CRYPTPATH" "$MOUNTPATH"
chmod a+w,+t "$MOUNTPATH"
+# Make sure docker uses the big partition
+cat <<EOF > /etc/docker/daemon.json
+{
+ "data-root": "$MOUNTPATH/docker-data"
+}
+EOF
+
# restart docker
if [ -d /etc/sv/docker.io ]
then
## runit
sv up docker.io
else
- service docker start
+ systemctl enable --now docker.service docker.socket || true
fi
end=$((SECONDS+60))