diff --git a/nixos/home-manager/default.nix b/nixos/home-manager/default.nix index 38b218b3..d6e1953a 100644 --- a/nixos/home-manager/default.nix +++ b/nixos/home-manager/default.nix @@ -30,6 +30,7 @@ ./programs/newsboat.nix ./programs.nix ./links.nix + ./scripts.nix ./cli.nix ]; diff --git a/nixos/home-manager/scripts.nix b/nixos/home-manager/scripts.nix new file mode 100644 index 00000000..f38ae262 --- /dev/null +++ b/nixos/home-manager/scripts.nix @@ -0,0 +1,57 @@ +{ config, pkgs, ... }: + +let + mount-vault = pkgs.writeTextFile { + name = "mount-vault"; + executable = true; + destination = "/bin/mount-vault"; + text = '' + #!/usr/bin/env bash + + set -e + set -o pipefail + + VERACRYPT="veracrypt" + if [[ "$OSTYPE" == "darwin"* ]]; then + VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt" + fi + + MOUNT_TARGET=$2 + if [[ -z "$MOUNT_TARGET" ]]; then + MOUNT_TARGET=$HOME/.vault + fi + + sudo chown $USER "$MOUNT_TARGET" + mkdir -p "$MOUNT_TARGET" + + MOUNT_SOURCE=$1 + if [[ -z "$MOUNT_SOURCE" ]]; then + MOUNT_SOURCE="$HOME/vaults/vault.vera" + fi + + chmod a+x "$MOUNT_SOURCE" + + if [[ -z "$VAULT_PASSWORD" ]]; then + echo "interactive mount" + $VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET" + else + echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'" + sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET" + fi + echo "mounted" + sudo chown $USER "$MOUNT_TARGET" + echo "chowned" + + echo "$MOUNT_SOURCE -> $MOUNT_TARGET" + + if [[ -z $NO_INSTALL_VAULT ]]; then + "$MOUNT_TARGET/install" + fi + ''; + }; + +in + { + + home.packages = with pkgs; [ mount-vault ]; + }