basic vault scripts added
This commit is contained in:
Cyryl Płotnicki
parent
e717f1d895
commit
a69e350bbe
4 changed files with 86 additions and 97 deletions
|
|
@ -1,57 +1,7 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
{
|
||||||
let
|
imports = [
|
||||||
mount-vault = pkgs.writeTextFile {
|
./scripts/mount-vault.nix
|
||||||
name = "mount-vault";
|
./scripts/umount-vault.nix
|
||||||
executable = true;
|
];
|
||||||
destination = "/bin/mount-vault";
|
}
|
||||||
text = ''
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
set -o pipefail
|
|
||||||
|
|
||||||
VERACRYPT="veracrypt"
|
|
||||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
|
||||||
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
|
||||||
fi
|
|
||||||
|
|
||||||
MOUNT_TARGET=$2
|
|
||||||
if [[ -z "$MOUNT_TARGET" ]]; then
|
|
||||||
MOUNT_TARGET=$HOME/.vault
|
|
||||||
fi
|
|
||||||
|
|
||||||
sudo chown $USER "$MOUNT_TARGET"
|
|
||||||
mkdir -p "$MOUNT_TARGET"
|
|
||||||
|
|
||||||
MOUNT_SOURCE=$1
|
|
||||||
if [[ -z "$MOUNT_SOURCE" ]]; then
|
|
||||||
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
|
||||||
fi
|
|
||||||
|
|
||||||
chmod a+x "$MOUNT_SOURCE"
|
|
||||||
|
|
||||||
if [[ -z "$VAULT_PASSWORD" ]]; then
|
|
||||||
echo "interactive mount"
|
|
||||||
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
|
||||||
else
|
|
||||||
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
|
||||||
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
|
||||||
fi
|
|
||||||
echo "mounted"
|
|
||||||
sudo chown $USER "$MOUNT_TARGET"
|
|
||||||
echo "chowned"
|
|
||||||
|
|
||||||
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
|
||||||
|
|
||||||
if [[ -z $NO_INSTALL_VAULT ]]; then
|
|
||||||
"$MOUNT_TARGET/install"
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
in
|
|
||||||
{
|
|
||||||
|
|
||||||
home.packages = with pkgs; [ mount-vault ];
|
|
||||||
}
|
|
||||||
|
|
|
||||||
57
nixos/home-manager/scripts/mount-vault.nix
Normal file
57
nixos/home-manager/scripts/mount-vault.nix
Normal file
|
|
@ -0,0 +1,57 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
mount-vault = pkgs.writeTextFile {
|
||||||
|
name = "mount-vault";
|
||||||
|
executable = true;
|
||||||
|
destination = "/bin/mount-vault";
|
||||||
|
text = ''
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
VERACRYPT="veracrypt"
|
||||||
|
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||||
|
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||||||
|
fi
|
||||||
|
|
||||||
|
MOUNT_TARGET=$2
|
||||||
|
if [[ -z "$MOUNT_TARGET" ]]; then
|
||||||
|
MOUNT_TARGET=$HOME/.vault
|
||||||
|
fi
|
||||||
|
|
||||||
|
sudo chown $USER "$MOUNT_TARGET"
|
||||||
|
mkdir -p "$MOUNT_TARGET"
|
||||||
|
|
||||||
|
MOUNT_SOURCE=$1
|
||||||
|
if [[ -z "$MOUNT_SOURCE" ]]; then
|
||||||
|
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
||||||
|
fi
|
||||||
|
|
||||||
|
chmod a+x "$MOUNT_SOURCE"
|
||||||
|
|
||||||
|
if [[ -z "$VAULT_PASSWORD" ]]; then
|
||||||
|
echo "interactive mount"
|
||||||
|
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||||
|
else
|
||||||
|
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
||||||
|
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||||||
|
fi
|
||||||
|
echo "mounted"
|
||||||
|
sudo chown $USER "$MOUNT_TARGET"
|
||||||
|
echo "chowned"
|
||||||
|
|
||||||
|
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
||||||
|
|
||||||
|
if [[ -z $NO_INSTALL_VAULT ]]; then
|
||||||
|
"$MOUNT_TARGET/install"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
home.packages = with pkgs; [ mount-vault ];
|
||||||
|
}
|
||||||
23
nixos/home-manager/scripts/umount-vault.nix
Normal file
23
nixos/home-manager/scripts/umount-vault.nix
Normal file
|
|
@ -0,0 +1,23 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
umount-vault = pkgs.writeTextFile {
|
||||||
|
name = "umount-vault";
|
||||||
|
executable = true;
|
||||||
|
destination = "/bin/umount-vault";
|
||||||
|
text = ''
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
VERACRYPT="veracrypt"
|
||||||
|
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||||
|
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||||||
|
fi
|
||||||
|
$VERACRYPT -t -d
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
home.packages = with pkgs; [ umount-vault ];
|
||||||
|
}
|
||||||
|
|
@ -1,41 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
set -o pipefail
|
|
||||||
|
|
||||||
VERACRYPT="veracrypt"
|
|
||||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
|
||||||
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
|
||||||
fi
|
|
||||||
|
|
||||||
MOUNT_TARGET=$2
|
|
||||||
if [[ -z "$MOUNT_TARGET" ]]; then
|
|
||||||
MOUNT_TARGET=$HOME/.vault
|
|
||||||
fi
|
|
||||||
|
|
||||||
sudo chown $USER "$MOUNT_TARGET"
|
|
||||||
mkdir -p "$MOUNT_TARGET"
|
|
||||||
|
|
||||||
MOUNT_SOURCE=$1
|
|
||||||
if [[ -z "$MOUNT_SOURCE" ]]; then
|
|
||||||
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
|
||||||
fi
|
|
||||||
|
|
||||||
chmod a+x "$MOUNT_SOURCE"
|
|
||||||
|
|
||||||
if [[ -z "$VAULT_PASSWORD" ]]; then
|
|
||||||
echo "interactive mount"
|
|
||||||
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
|
||||||
else
|
|
||||||
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
|
||||||
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
|
||||||
fi
|
|
||||||
echo "mounted"
|
|
||||||
sudo chown $USER "$MOUNT_TARGET"
|
|
||||||
echo "chowned"
|
|
||||||
|
|
||||||
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
|
||||||
|
|
||||||
if [[ -z $NO_INSTALL_VAULT ]]; then
|
|
||||||
"$MOUNT_TARGET/install"
|
|
||||||
fi
|
|
||||||
Loading…
Reference in a new issue