linux-image-manager/scripts/encryption/storage/mount_on_boot.sh

71 lines
2.2 KiB
Bash
Raw Normal View History

2020-05-20 12:13:39 +02:00
#!/bin/bash
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
echo "Automount encrypted storages"
echo
2020-05-20 15:03:50 +02:00
set_device_mount_partition_and_mapper_paths
2020-05-20 12:13:39 +02:00
2020-05-20 15:03:50 +02:00
info "Creating key luks-key-directory..." &&
key_directory="/etc/luks-keys/" &&
sudo mkdir $key_directory || warning "Directory exists: $key_directory"
luks_key_name="$mapper_name""_name_secret_key" &&
secret_key_path="$key_directory$luks_key_name" &&
2020-05-20 12:13:39 +02:00
info "Generate secret key under: $secret_key_path" &&
2020-05-20 15:03:50 +02:00
if [ -f "$secret_key_path" ]
then
warning "File allready exist. Overwritting!"
fi
sudo dd if=/dev/urandom of=$secret_key_path bs=512 count=8 &&
sudo cryptsetup -v luksAddKey $partition_path $secret_key_path ||
2020-05-20 12:13:39 +02:00
error
info "Opening and closing device to verify that that everything works fine..." &&
2020-05-20 15:03:50 +02:00
sudo cryptsetup -v luksOpen $partition_path $mapper_name --key-file=$secret_key_path &&
2020-05-20 12:13:39 +02:00
sudo cryptsetup -v luksClose $mapper_name ||
error
2020-05-20 15:03:50 +02:00
info "Reading UUID..."
uuid_line=$(sudo cryptsetup luksDump $partition_path | grep "UUID") &&
uuid=$(echo "${uuid_line/UUID:/""}"|sed -e "s/[[:space:]]\+//g") ||
error
2020-05-20 12:13:39 +02:00
crypttab_path="/etc/crypttab"
2020-05-20 15:03:50 +02:00
crypttab_entry="$mapper_name UUID=$uuid $secret_key_path luks"
info "Adding crypttab entry..."
if sudo grep -q "$crypttab_entry" "$crypttab_path";
then
warning "File $crypttab_path contains allready a the following entry:" &&
echo "$crypttab_entry" &&
info "Skipped." ||
error
else
sudo sh -c "echo '$crypttab_entry' >> $crypttab_path" ||
error
2020-05-20 12:13:39 +02:00
fi
2020-05-20 15:03:50 +02:00
info "The file $crypttab_path contains now the following:" &&
2020-05-20 12:13:39 +02:00
sudo cat $crypttab_path ||
error
2020-05-20 15:03:50 +02:00
# info "Verifying crypttab configuration..." &&
# sudo cryptdisks_start $mapper_name ||
# error
2020-05-20 12:13:39 +02:00
fstab_path="/etc/fstab"
2020-05-20 15:03:50 +02:00
fstab_entry="$mapper_path $mount_path btrfs defaults 0 2"
info "Adding fstab entry..."
if sudo grep -q "$fstab_entry" "$fstab_path"; then
warning "File $crypttab_path contains allready a the following entry:" &&
echo "$fstab_entry" &&
info "Skipped." ||
error
else
sudo sh -c "echo '$fstab_entry' >> $fstab_path" ||
error
2020-05-20 12:13:39 +02:00
fi
2020-05-20 15:03:50 +02:00
info "The file $fstab_path contains now the following:" &&
sudo cat $fstab_path ||
2020-05-20 12:13:39 +02:00
error
success "Installation finished. Please restart :)"