Overview

Encryption

Encryption is featured by default.

Encrypted mount with gpg and zfs

create key

dd if=/dev/urandom of=/tmp/backup-key bs=32 count=1

Save key in pass

cat /tmp/backup-key | pass insert -m zfs/backup-dataset

delete key
```
shred -u /tmp/backup-key
```

create new dataset

now lets create the new dataset with the newly created password which is saved in pass.

sudo zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///dev/stdin rpool/backups <<< $(pass zfs/backup-dataset)

unmount dataset

you need to unmount not only your encrypted dataset but also the key like this:
```
sudo zfs unmount rpool/backups
sudo zfs unload-key rpool/backups
```

mount dataset

If you want to mount the dataset it would be possible like that:

pass zfs/backup-dataset | sudo zfs load-key rpool/backups
sudo zfs mount rpool/backups

send encrypted snapshots

sudo zfs snapshot rpool/home@backup-$(date +%Y%m%d)
sudo zfs send -w rpool/home@backup-$(date +%Y%m%d) > /mnt/externe-platte/backup.zfs

Integrated Volume Manager

Compression

lz4

Reduces disk space usage usage. It's also fast and could increase performance as fewer data gets written. It's also what's almost gets recommended for typical usage.

Performance

The performance increase is noticable when the disk is the bottleneck.

As data gets written on the disk, ZFS is already compressing it on the go.

lf4 cpu usage is minimal higher with compression turned on, is unsignificantly higher than without.
1. Where does performance matter?
  1. slow HDD's and SSDs
  2. sequential copy such as backups
  3. data which is able to be compressed such as text files

Benefits for everyday usage

More space is available while keeping the same performance if not benefiting of the compression.

Commands

How to check which type of compression the pools and datasets are using
```
zfs get compression
```
Snapshots
```
zfs get snapshots
```

Personal

I realized that i did not had lz4 compression turned on for my devices but instead zstd.

If enough disk space is available it's also possible to do an inplace compression.

change the compression type to lz4

[cashmere@x12:~/nix/hosts/x220]$ sudo zfs set compression=lz4 rpool/home

[cashmere@x12:~/nix/hosts/x220]$ sudo zfs set compression=lz4 rpool/nix

[cashmere@x12:~/nix/hosts/x220]$ sudo zfs set compression=lz4 rpool/root

[cashmere@x12:~/nix/hosts/x220]$ sudo zfs set compression=lz4 rpool/var

check if changes where successfully

[cashmere@x12:~/nix/hosts/x220]$ zfs get compression
NAME        PROPERTY     VALUE           SOURCE
rpool       compression  lz4             local
rpool/home  compression  lz4             local
rpool/nix   compression  lz4             local
rpool/root  compression  lz4             local
rpool/var   compression  lz4             local

Snapshots

Snapshots are read-only point-in-time copies of your file system. They initially take up 0 bytes of space and only store changes (deltas) at later points in time. If you delete or change a file, the old version remains in the snapshot.

Commands

create snapshots

sudo zfs snapshot rpool/home@backup-vor-update

list snapshots
```
zfs list -t snapshot
```

delete snapshots

sudo zfs destroy rpool/home@backup-vor-update

rollback snapshots

sudo zfs rollback rpool/home@backup-vor-update

Tools

Programs like sanoid allow automatic backup scheduling for zfs filesystems.

Pool

Datasets

Datasets are similar to different partitions. they can have different features such as the type of compression or encryption.

Use cases

ZFS pools and datasets allows to create specific let's call it partitions for different use cases.

Gaming

The recordsize=1M is optimal for large sequential reads (games loading assets). Then just move the Steam Library there.

zfs create -o compression=lz4 -o recordsize=1M rpool/games

Virtual Machines

ZFS is perfect for VMs. You can create a dataset for each VM, take snapshots before updates, and easily clone VMs.

zfs create -o compression=lz4 rpool/vms
zfs create -o volblocksize=16k rpool/vms/windows11

Backups/Replication

zfs send -i rpool/home@alt rpool/home@neu | ssh anderer-rechner zfs receive backup/home

Send/Receive

One of the features which impressed me are the subcommands send and receive. They are self explained. You may send and receive your snapshots. But that's not all.

Let's start combine it with another command which i just absolutely love.

Or wait let Pewds explain it:

GLORIOUS SSH.

Use cases

Local backup

Create a backup

Now this one is simple.

First let's create a backup.
```
zfs snapshot pool/dataset@backup1
```
And then we send it to wherever we want:
```
zfs send pool/dataset@backup1 > /mnt/external-storage/backup.zfs
```

Restore a backup

Now let's restore it:

zfs receive pool/dataset-wiederhergestellt < /mnt/externe-platte/backup.zfs

Remote Backup through glorious SSH

Now here is the part where the fun starts:

As the snapshots are basically just files you may utilize SSH to send over your data to wherever you want:
```
zfs snapshot pool/dataset@heute
zfs send pool/dataset@heute | ssh backup-server zfs receive backup-pool/mein-laptop
```

Resources

ZFS on NixOS | return 12; // good enough for now Using GnuPG to unlock your ZFS dataset on boot (in NixOS) - Hexadecimal's Blog

cashmere

ZFS

Overview

Encryption

Encrypted mount with gpg and zfs

Integrated Volume Manager

Compression

lz4

Benefits for everyday usage

Commands

Snapshots

Commands

Tools

Pool

Datasets

Use cases

Gaming

Virtual Machines

Backups/Replication

Send/Receive

Use cases

Resources

questions for later

1. lz4

werden daten wie bilder und videos allgemein nicht kleiner wenn man sie archiviert?

verwende ich aktuell ueberhaupt lz4?

vorteile zu btrfs

2. arc cache

incremental backup