cryptswap #1

Description

This charm creates an encrypted swap file or partition


Overview

This charm creates an encrypted swap file or partition on your units.

Usage

This is a subordinate charm, so deployment will look something like this:

juju deploy apache2
juju deploy cryptswap
juju set cryptswap size=100M
juju add-relation apache2 cryptswap

Configuration

  • path This is the full path name to your swap device.
    If you want to use an existing partition, this will typically be something
    like /dev/sda2. Alternatively, if you want to use a swap file it can be
    any valid path (e.g. /tmp/myswapfile). The default is /swapfile.
  • size This only applies to swap files, not partitions.
    It sets the size of your swap file. Units can be used (e.g. 100M or 1G)
  • encryption_key If set, this is the key used to encrypt your
    swap device. If left empty a random key will be created.
  • store_encryption_key If "yes", your encryption key will be
    stored on the server, so that the same swap device can be re-enabled after
    a reboot. If "no", the key will not be stored and the swap device
    will be re-encrypted with a new key after a reboot.

Notes

  • You cannot (currently) change the size of an existing swap file.

Configuration

application_name
(string) Operating name of the charm
cryptswap
path
(string) The full path name of the swap file or partition
/swapfile
store_encryption_key
(string) Store the encryption key on the server or not If "no", the swap device will be re-encrypted / re-created on each reboot.
yes
encryption_key
(string) A key used to encrypt the swap file or partition If empty, will be randomly created.
size
(string) Sets how large the swap file should be. The size can contain units (e.g. 10M) For partitions, this option is ignored
0