Storage Plugin on an encrypted device

I have an encrypted external drive (LUKS/dm-crypt, created with cryptsetup), plugged on my Turris Mox. It’s currently mainly used as an NFS share (see NAS chiffré avec un Turris | Mossroy, in French, for how I’ve set it up)
I’d like to use it with the “storage” plugin of reForis, so that /srv is transferred/mounted on it, and I can safely use lxc (while keeping the encryption)

Unfortunately, the storage plugin does not “see” my encrypted device (/dev/mapper/sda1_crypt, even if I format it with btrfs). It only sees the underlying unencrypted partition (/dev/sda1, and /dev/sda)

I’ve tried to manually mount my encrypted partition on /srv (through /etc/config/fstab), but the storage plugin does not recognize it correctly, and always asks for a reboot. Plus I still can’t create new lxc containers (for some reason, it does not seem to like my manual mount: it can execute existing containers, but can not add/delete containers)

Did anyone succeed doing so? Is there a manual way to set this partition in the storage plugin? Or should I report this improvement request somewhere else?

I use LVM for /srv and I have this in configuration


config srv 'srv'
    option raid 'custom'
    option uuid '515381a9-dd67-48e0-bb89-068db5bf9996'
    option old_uuid ''
    option syslog 0


config mount
    option uuid '515381a9-dd67-48e0-bb89-068db5bf9996'
    option fstype 'btrfs'
    option target '/srv'
    option enabled '1'

And this works:

But at first, you must unlock partition on boot.

Many thanks for your answer @petrprochy
So it’s definitely possible, that’s cool!

I’ll test that when I will be able to (probably next month), and report back here.