homelab/longhorn/encrypted-storage-class.yaml

---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: longhorn-crypto
  namespace: longhorn-system
provisioner: driver.longhorn.io
allowVolumeExpansion: true
parameters:
  numberOfReplicas: "3"
  staleReplicaTimeout: "2880" # 48 hours in minutes
  encrypted: "true"
  csi.storage.k8s.io/provisioner-secret-name: "longhorn-encryption"
  csi.storage.k8s.io/provisioner-secret-namespace: "longhorn-system"
  csi.storage.k8s.io/node-publish-secret-name: "longhorn-encryption"
  csi.storage.k8s.io/node-publish-secret-namespace: "longhorn-system"
  csi.storage.k8s.io/node-stage-secret-name: "longhorn-encryption"
  csi.storage.k8s.io/node-stage-secret-namespace: "longhorn-system"