cryptops-api --root-device=DEV --crypt-name=LABEL [--notify-command=COMMAND]
--root-device=DEVoption is mandatory.
DEVshould be the root device of the machine, like
When the root device is still unencrypted (for example when starting cryptops-api for the first time), this should be an unpartitioned device, with the file system spanning the whole device.
As part of the encryption process, this device will be partitioned and the encrypted contents will be stored on the second partition, but DEV should still point to the whole device, as before.
--crypt-name=LABELoption is mandatory.
LABELwill be used by cryptsetup to name the encrypted volume. This will be visible to the operating system, as the decrypted root disk is available at
--notify-command=COMMANDoption is optional. The given
COMMANDwill be run whenever cryptops-api detects that the root device needs the user to enter their password to continue the booting process. You can use this to notify the user of this situation.