NixOS/Clevis
Unattended disk decryption with Clevis on NixOS
Whether they should or not, organisations are moving their data to third-party servers (aka the "cloud"). Full disk encryption of servers should be standard everywhere in order to protect the sensitive data that they inevitably hold, but its adoption is still lagging. This isn't just a lack of awareness: part of the tooling is missing too. Full disk encryption comes with a big pain point: when a server restarts, the root file system must be unlocked before the OS can boot.
While it is possible to log into a server remotely to unlock it, this makes booting a server without compromising security dependent on a human operation. This is sometimes an unacceptable drawback: it rules out unattended reboots and recovery from power loss, and it doesn't scale well with the number of servers.
This project will make on-disk encryption with remote unlocking part of NixOS, bringing together a number of innovative mechanisms such as system extension images and stage1-networkd. While this does not make using the cloud safe and private in and by itself (this is impossible), it will contribute to making it somewhat safer and more private.
Additionally, the project will port the Proxmox hypervisor to NixOS, in order to benefit from NixOS-style declarative host configuration and deployment (which is very valuable when managing a cluster of machines to avoid configuration rot). Proxmox is a hypervisor that can run small to medium-sized VM clusters and is capable of handling multi-node clusters.
- The project's own website: https://nixos.org
This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.