basic vault scripts added
This commit is contained in:
Cyryl Płotnicki
parent
e717f1d895
commit
a69e350bbe
|
|
@ -1,57 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
mount-vault = pkgs.writeTextFile {
|
||||
name = "mount-vault";
|
||||
executable = true;
|
||||
destination = "/bin/mount-vault";
|
||||
text = ''
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
set -o pipefail
|
||||
|
||||
VERACRYPT="veracrypt"
|
||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||||
fi
|
||||
|
||||
MOUNT_TARGET=$2
|
||||
if [[ -z "$MOUNT_TARGET" ]]; then
|
||||
MOUNT_TARGET=$HOME/.vault
|
||||
fi
|
||||
|
||||
sudo chown $USER "$MOUNT_TARGET"
|
||||
mkdir -p "$MOUNT_TARGET"
|
||||
|
||||
MOUNT_SOURCE=$1
|
||||
if [[ -z "$MOUNT_SOURCE" ]]; then
|
||||
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
||||
fi
|
||||
|
||||
chmod a+x "$MOUNT_SOURCE"
|
||||
|
||||
if [[ -z "$VAULT_PASSWORD" ]]; then
|
||||
echo "interactive mount"
|
||||
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||
else
|
||||
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
||||
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||
fi
|
||||
echo "mounted"
|
||||
sudo chown $USER "$MOUNT_TARGET"
|
||||
echo "chowned"
|
||||
|
||||
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
||||
|
||||
if [[ -z $NO_INSTALL_VAULT ]]; then
|
||||
"$MOUNT_TARGET/install"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
in
|
||||
{
|
||||
|
||||
home.packages = with pkgs; [ mount-vault ];
|
||||
}
|
||||
{
|
||||
imports = [
|
||||
./scripts/mount-vault.nix
|
||||
./scripts/umount-vault.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
57
nixos/home-manager/scripts/mount-vault.nix
Normal file
57
nixos/home-manager/scripts/mount-vault.nix
Normal file
|
|
@ -0,0 +1,57 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
mount-vault = pkgs.writeTextFile {
|
||||
name = "mount-vault";
|
||||
executable = true;
|
||||
destination = "/bin/mount-vault";
|
||||
text = ''
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
set -o pipefail
|
||||
|
||||
VERACRYPT="veracrypt"
|
||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||||
fi
|
||||
|
||||
MOUNT_TARGET=$2
|
||||
if [[ -z "$MOUNT_TARGET" ]]; then
|
||||
MOUNT_TARGET=$HOME/.vault
|
||||
fi
|
||||
|
||||
sudo chown $USER "$MOUNT_TARGET"
|
||||
mkdir -p "$MOUNT_TARGET"
|
||||
|
||||
MOUNT_SOURCE=$1
|
||||
if [[ -z "$MOUNT_SOURCE" ]]; then
|
||||
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
||||
fi
|
||||
|
||||
chmod a+x "$MOUNT_SOURCE"
|
||||
|
||||
if [[ -z "$VAULT_PASSWORD" ]]; then
|
||||
echo "interactive mount"
|
||||
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||
else
|
||||
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
||||
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||
fi
|
||||
echo "mounted"
|
||||
sudo chown $USER "$MOUNT_TARGET"
|
||||
echo "chowned"
|
||||
|
||||
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
||||
|
||||
if [[ -z $NO_INSTALL_VAULT ]]; then
|
||||
"$MOUNT_TARGET/install"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
in
|
||||
{
|
||||
|
||||
home.packages = with pkgs; [ mount-vault ];
|
||||
}
|
||||
23
nixos/home-manager/scripts/umount-vault.nix
Normal file
23
nixos/home-manager/scripts/umount-vault.nix
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
umount-vault = pkgs.writeTextFile {
|
||||
name = "umount-vault";
|
||||
executable = true;
|
||||
destination = "/bin/umount-vault";
|
||||
text = ''
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
VERACRYPT="veracrypt"
|
||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||||
fi
|
||||
$VERACRYPT -t -d
|
||||
'';
|
||||
};
|
||||
|
||||
in
|
||||
{
|
||||
home.packages = with pkgs; [ umount-vault ];
|
||||
}
|
||||
|
|
@ -1,41 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
set -o pipefail
|
||||
|
||||
VERACRYPT="veracrypt"
|
||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||||
fi
|
||||
|
||||
MOUNT_TARGET=$2
|
||||
if [[ -z "$MOUNT_TARGET" ]]; then
|
||||
MOUNT_TARGET=$HOME/.vault
|
||||
fi
|
||||
|
||||
sudo chown $USER "$MOUNT_TARGET"
|
||||
mkdir -p "$MOUNT_TARGET"
|
||||
|
||||
MOUNT_SOURCE=$1
|
||||
if [[ -z "$MOUNT_SOURCE" ]]; then
|
||||
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
||||
fi
|
||||
|
||||
chmod a+x "$MOUNT_SOURCE"
|
||||
|
||||
if [[ -z "$VAULT_PASSWORD" ]]; then
|
||||
echo "interactive mount"
|
||||
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||
else
|
||||
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
||||
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||
fi
|
||||
echo "mounted"
|
||||
sudo chown $USER "$MOUNT_TARGET"
|
||||
echo "chowned"
|
||||
|
||||
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
||||
|
||||
if [[ -z $NO_INSTALL_VAULT ]]; then
|
||||
"$MOUNT_TARGET/install"
|
||||
fi
|
||||
Loading…
Reference in a new issue