Figured out how to use Veracrypt containers in unRAID, now I need a little bit of a front end

engardeknave

By engardeknave
in Lounge

Recommended Posts

engardeknave Noob

engardeknave

Posted
Posted

I don't know much about Linux, but I've been researching how to get encrypted containers on unRAID working. Someone pointed out that 'cryptsetup' exists natively on unRAID and works with Veracrypt containers. I was able to create a container in Windows with the Veracrypt GUI, and then open it on the server. Basically it's just:

  

#mount
cryptsetup --type tcrypt --veracrypt-query-pim open /mnt/user/containers/vcmedia vcmedia
[password and pim are entered]
mount /dev/mapper/vcmedia

#unmount
umount /dev/mapper/vcmedia
cryptsetup close vcmedia

 

What would be the easiest way to generate a dialog box or page in the unRAID interface to request the password and pim, and then issue the commands to open the container? Ideally this would work with browser password managers.

Link to comment
primeval_god Collaborator

primeval_god

Posted
Posted

If you look at the usage section on the docker hub page you will see a bind mount that looks like this  

-v </path/to/mount/images>:"/mnt/disks":shared \

The shared flag is very important its what allows the mount points to propagate to the host.

In this case /mnt/disks is in the container and path/to/mount/images is on the host.

When you mount your images in the docker container you must mount them to a mount point (subfolder) inside /mnt/disks. The mounted directory will be under path/to/mount/images on the host.

Link to comment
engardeknave Noob

engardeknave

Posted
  • Author
Posted (edited)
18 minutes ago, primeval_god said:

If you look at the usage section on the docker hub page you will see a bind mount that looks like this  

-v </path/to/mount/images>:"/mnt/disks":shared \

The shared flag is very important its what allows the mount points to propagate to the host.

In this case /mnt/disks is in the container and path/to/mount/images is on the host.

When you mount your images in the docker container you must mount them to a mount point (subfolder) inside /mnt/disks. The mounted directory will be under path/to/mount/images on the host.

Yes, I got it to work a few minutes after posting that. I needed to choose a mount point that is a subfolder of the specified mount point. This makes it possible for unRAID and dockers to access the files, but not Windows Explorer for some reason. I tried adding permissions, but no luck. It's weird because this is not an issue when running cryptsetup directly on unRAID.

Edited by engardeknave
Link to comment
primeval_god Collaborator

primeval_god

Posted
Posted
11 hours ago, engardeknave said:

Yes, I got it to work a few minutes after posting that. I needed to choose a mount point that is a subfolder of the specified mount point. This makes it possible for unRAID and dockers to access the files, but not Windows Explorer for some reason. I tried adding permissions, but no luck. It's weird because this is not an issue when running cryptsetup directly on unRAID.

I think veracrypt has a umask (or some similar name) option in its mount prompt. Try 000 for that. Also make sure the host path is under a properly shared user share.

Link to comment
  • 2 months later...
primeval_god Collaborator

primeval_god

Posted
Posted
8 hours ago, Joshh100 said:

How were you able to mount the veracrypt volume using the docker container?

 

im able to see the volume but when I try to mount it, I get the following error:

 

No such file or directory

 

veracrypt::file::open::276

 

If yours is the same post i saw on reddit it appears that you are trying to mount a device (disk drive) rather than a file. Unfortunately I have no experience with mounting devices rather than files. 

Link to comment
  • 3 months later...
hios Noob

hios

Posted
Posted

@primeval_god, @engardeknave

 

Sorry to resurrect an old thread, but I can't figure out how to mount a veracrypt volume to a subdirectory of /mnt/disks in the container and I feel like an idiot. I can mount a veracrypt volume inside the container with no problem but, although I've specified the docker volume mount as "Read-Write - Shared," I can't see it outside the container. Where/how do I specify a subdirectory of /mnt/disks? In the docker config or in the veracrypt GUI? If it's in the GUI, then I'm completely failing to see how to do that.

Link to comment
primeval_god Collaborator

primeval_god

Posted
Posted
1 hour ago, hios said:

@primeval_god, @engardeknave

 

Sorry to resurrect an old thread, but I can't figure out how to mount a veracrypt volume to a subdirectory of /mnt/disks in the container and I feel like an idiot. I can mount a veracrypt volume inside the container with no problem but, although I've specified the docker volume mount as "Read-Write - Shared," I can't see it outside the container. Where/how do I specify a subdirectory of /mnt/disks? In the docker config or in the veracrypt GUI? If it's in the GUI, then I'm completely failing to see how to do that.

First you need to create the sub-directories within /mnt/disks that you want to mount volumes to. Then you will need to bind mount the directory /mnt/disks to a directory in the docker container using the shared flag "Shared". Lets say the directory in the container choose is /disks. Then in the VeraCrypt gui when you mount a volume you can click the button that says "Options" which will reveal an option to Mount at Directory. Use that to navigate to the sub-directory of /disks you want to mount to and select it.

  • Like 1
Link to comment
hios Noob

hios

Posted
Posted
16 hours ago, primeval_god said:

First you need to create the sub-directories within /mnt/disks that you want to mount volumes to. Then you will need to bind mount the directory /mnt/disks to a directory in the docker container using the shared flag "Shared". Lets say the directory in the container choose is /disks. Then in the VeraCrypt gui when you mount a volume you can click the button that says "Options" which will reveal an option to Mount at Directory. Use that to navigate to the sub-directory of /disks you want to mount to and select it.

 

Thank you! That worked. I figured it was something simple I was missing. For anyone with noob issues like me, here are the steps:

  1. Go into the veracrypt-gui console and create a new sub-directory under /mnt/disks, so it would be /mnt/disks/subdirectory.
  2. Not sure if it's needed, but I restarted the container.
  3. Open the veracrypt gui.
  4. After selecting the encrypted volume you want to mount and clicking the "Mount" button, click the "Options" button in the lower right of the dialog.
  5. At the bottom of the expanded dialog you'll find the option "Mount at directory." Click the "Select" button and select the new sub-directory you created.
  6. Now you can mount the volume and it should be available outside the container.
Link to comment
  • 9 months later...
Thulsa Doom Noob

Thulsa Doom

Posted
Posted (edited)

Hi!
I tried all the ways from this topic, but I couldn't find my mounted image.

I have attached screenshots

I have created a Host Path: /mnt/disk
I also created Container Path: /disks/vera there (vera is a folder that I created with my hands)

I mounted the image, but I can't find it anywhere.

 

Can you help me ?

1702385518783.png

1702385533256.png

1702385626050.png

Edited by Thulsa Doom
Link to comment
primeval_god Collaborator

primeval_god

Posted
Posted

If you open a shell in the container can you view the contents of the mounted folder at /disks/veraaa/veraaa ? There might be something wrong with using /mnt/disks on the unRAID side, i think other plugins may use that folder, not entirely sure. It looks like it should be mounted at /mnt/disks/veraaa, can you see that from the unRAID shell? 

Link to comment
Thulsa Doom Noob

Thulsa Doom

Posted
Posted
On 12/12/2023 at 5:37 PM, primeval_god said:

If you open a shell in the container can you view the contents of the mounted folder at /disks/veraaa/veraaa ? There might be something wrong with using /mnt/disks on the unRAID side, i think other plugins may use that folder, not entirely sure. It looks like it should be mounted at /mnt/disks/veraaa, can you see that from the unRAID shell? 

Yes, I rebooted several times and in Cloud Commander I saw the folders and files of the VeraCrypt container

Is there any way for this disk to be visible on the HDD page?
Or how else can you manage it

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing