Documentation: error concerning encryption

Hi all,

Documentation (Local Development Setup) says

:warning:vagrant up will fail if you are using encrypted folders/hard drives

That is wrong on Linux. I work on a fully encrypted machine and have no issue at all (Arch Linux).
It does not make sense anyway: drive encryption is transparent to all applications. Either decryption happens at boot time or at mount time. But in any case, if you can browse to it, then you can work with it. Cryptography is either handled by dm-crypt or openssh, but never by applications.

I do not know for sure where this line comes from.
NFS issues on my machine were related to version incompatibilities Arch supports only NFS 4. I solved it in the following way:

trellis/Vagrantfile

- config.vm.synced_folder local_site_path(site), nfs_path(name), type: 'nfs'
+ config.vm.synced_folder local_site_path(site), nfs_path(name), type: 'nfs', nfs_version: 4, :linux__nfs_options => ["no_root_squash", "rw"]

- config.vm.synced_folder ANSIBLE_PATH, '/ansible-nfs', type: 'nfs'
+ config.vm.synced_folder ANSIBLE_PATH, '/ansible-nfs', type: 'nfs', nfs_version: 4, :linux__nfs_options => ["no_root_squash", "rw"]

Please correct the documentation and provide the above fix if you consider appropriate.

1 Like

I believe that line in the documentation is there because the official Vagrant docs, as linked in the quoted line, mention that NFS compatibility with encrypted drives/directories is spotty:

Encrypted folders: If you have an encrypted disk, then NFS very often will refuse to export the filesystem. The error message given by NFS is often not clear. One error message seen is <path> does not support NFS . There is no workaround for this other than sharing a directory which is not encrypted.

We’ve also has several reports of encrypted drives causing problems with Vagrant.

Thank you very much for sharing your solution, and I hope it’ll be helpful to people running into the same problem! However, so long as the Vagrant docs claim that Vagrant is largely incompatible with encrypted drives/directories, I’d feel uncomfortable if our documentation didn’t reflect that.

If the Vagrant doc mentions it, there might be something. They mention NFS4 + UDP incompatibility right next to it though.
If I recall, my first work-around NFS issues was forcing TCP, until a Trellis update broke it. At that time I found out about my new solution.
I did try sharing an unencrypted folder from an external drive, which did not help.
So IMHO, this is rather related to misleading error messages.
Maybe at least mention “might fail”, as I know for sure it does work with encryption, at least on some setups?

If you’d like to suggest alternate phrasing or include your workaround, we’re always happy to review pull requests for the docs: https://github.com/roots/docs/blob/docs/trellis/local-development-setup.md