mirror of
https://github.com/kevinveenbirkenbach/linux-image-manager.git
synced 2024-11-26 00:41:04 +01:00
Merge branch 'master' of github.com:kevinveenbirkenbach/core-system
This commit is contained in:
commit
1b98526a89
@ -1,2 +1,2 @@
|
|||||||
language: shell
|
language: shell
|
||||||
script: shellcheck ./scripts/*/*.sh
|
script: shellcheck $(find . -type f -name '*.sh')
|
||||||
|
@ -56,7 +56,9 @@ $HOME/Documents/certificates/ | Contains certificates to authenticate via [certi
|
|||||||
| $HOME/Documents/recovery_codes/ | Contains files with recovery_codes e.g. for [Two-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication). |
|
| $HOME/Documents/recovery_codes/ | Contains files with recovery_codes e.g. for [Two-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication). |
|
||||||
| $HOME/Documents/identity/ | Contains files to prove the identity of the *Core System Owner* in physical live like passports. |
|
| $HOME/Documents/identity/ | Contains files to prove the identity of the *Core System Owner* in physical live like passports. |
|
||||||
| $HOME/Documents/passwords/ | Contains e.g the [KeePassXC](https://keepassxc.org/) database with all *Core System Owner* passwords. |
|
| $HOME/Documents/passwords/ | Contains e.g the [KeePassXC](https://keepassxc.org/) database with all *Core System Owner* passwords. |
|
||||||
| $HOME/Repositories/ | Contains all git repositories |
|
| $HOME/Repositories/ | Contains all git repository providers. |
|
||||||
|
| $HOME/Repositories/{{provider}} | Contains all git repositories of an provider. |
|
||||||
|
| $HOME/Backups | Contains all backups. The sub-folders follow the standards of [Backup Manager](https://github.com/kevinveenbirkenbach/backup-manager) |
|
||||||
| $HOME/Games/roms | Contains all roms |
|
| $HOME/Games/roms | Contains all roms |
|
||||||
| $HOME/Images/ | contains os images|
|
| $HOME/Images/ | contains os images|
|
||||||
|
|
||||||
|
@ -10,3 +10,5 @@ eclipse-java
|
|||||||
ccls
|
ccls
|
||||||
# office
|
# office
|
||||||
ttf-ms-fonts
|
ttf-ms-fonts
|
||||||
|
#cloud
|
||||||
|
dropbox
|
||||||
|
1
configuration/packages/client/yay/gnome.txt
Normal file
1
configuration/packages/client/yay/gnome.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
nautilus-dropbox
|
10
scripts/analyze/client/not_encrypted_ssh_keys.sh
Normal file
10
scripts/analyze/client/not_encrypted_ssh_keys.sh
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# @see https://stackoverflow.com/questions/32408820/how-to-list-files-and-match-first-line-in-bash-script
|
||||||
|
# @see https://unix.stackexchange.com/questions/298590/using-find-non-recursively
|
||||||
|
# @see https://security.stackexchange.com/questions/129724/how-to-check-if-an-ssh-private-key-has-passphrase-or-not
|
||||||
|
find "$HOME/.ssh" -maxdepth 1 -type f -print0 | while IFS= read -r -d $'\0' file; do
|
||||||
|
if [[ $(head -n1 "$file") == "-----BEGIN OPENSSH PRIVATE KEY-----" ]]; then
|
||||||
|
echo "Test file: $file"
|
||||||
|
ssh-keygen -y -P "" -f "$file"
|
||||||
|
fi
|
||||||
|
done
|
@ -1,37 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
# Wrong scripped but good as a base to optimize later. See http://blog.tdg5.com/tuning-dd-block-size/
|
|
||||||
# Since we're dealing with dd, abort if any errors occur
|
|
||||||
set -e
|
|
||||||
|
|
||||||
TEST_FILE=${1:-dd_obs_testfile}
|
|
||||||
[ -e "$TEST_FILE" ]; TEST_FILE_EXISTS=$?
|
|
||||||
TEST_FILE_SIZE=134217728
|
|
||||||
|
|
||||||
# Header
|
|
||||||
PRINTF_FORMAT="%8s : %s\n"
|
|
||||||
printf "$PRINTF_FORMAT" 'block size' 'transfer rate'
|
|
||||||
|
|
||||||
# Block sizes of 512b 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K 1M 2M 4M 8M 16M 32M 64M
|
|
||||||
for BLOCK_SIZE in 512 1024 2048 4096 8192 16384 32768 65536 131072 262144 524288 1048576 2097152 4194304 8388608 16777216 33554432 67108864
|
|
||||||
do
|
|
||||||
# Calculate number of segments required to copy
|
|
||||||
COUNT=$(($TEST_FILE_SIZE / $BLOCK_SIZE))
|
|
||||||
|
|
||||||
if [ $COUNT -le 0 ]; then
|
|
||||||
echo "Block size of $BLOCK_SIZE estimated to require $COUNT blocks, aborting further tests."
|
|
||||||
break
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Create a test file with the specified block size
|
|
||||||
DD_RESULT=$(dd if=/dev/zero of=$TEST_FILE bs=$BLOCK_SIZE count=$COUNT 2>&1 1>/dev/null)
|
|
||||||
|
|
||||||
echo $DD_RESULT
|
|
||||||
# Extract the transfer rate from dd's STDERR output
|
|
||||||
TRANSFER_RATE=$(echo $DD_RESULT | \grep --only-matching -E '[0-9.]+ ([MGk]?B|bytes)/s(ec)?')
|
|
||||||
|
|
||||||
# Clean up the test file if we created one
|
|
||||||
[ $TEST_FILE_EXISTS -ne 0 ] && rm $TEST_FILE
|
|
||||||
|
|
||||||
# Output the result
|
|
||||||
printf "$PRINTF_FORMAT" "$BLOCK_SIZE" "$TRANSFER_RATE"
|
|
||||||
done
|
|
@ -146,7 +146,8 @@ install_gnome_extension(){
|
|||||||
|
|
||||||
if [ "$DESKTOP_SESSION" == "gnome" ]; then
|
if [ "$DESKTOP_SESSION" == "gnome" ]; then
|
||||||
info "Synchronizing gnome tools..." &&
|
info "Synchronizing gnome tools..." &&
|
||||||
sudo pacman -S "$(get_packages 'client/pacman/gnome')" || error "Syncronisation failed."
|
sudo pacman -S "$(get_packages 'client/pacman/gnome')" &&
|
||||||
|
install_yay_packages_if_needed "$(get_packages "client/yay/gnome")" || error "Syncronisation failed."
|
||||||
info "Setting up gnome dash favourites..." &&
|
info "Setting up gnome dash favourites..." &&
|
||||||
gsettings set org.gnome.shell favorite-apps "['org.gnome.Nautilus.desktop',
|
gsettings set org.gnome.shell favorite-apps "['org.gnome.Nautilus.desktop',
|
||||||
'org.gnome.Terminal.desktop',
|
'org.gnome.Terminal.desktop',
|
||||||
|
@ -15,9 +15,8 @@ declare -a BACKUP_LIST=("$HOME/.ssh/" \
|
|||||||
"$HOME/.local/share/rhythmbox/rhythmdb.xml" \
|
"$HOME/.local/share/rhythmbox/rhythmdb.xml" \
|
||||||
"$HOME/.config/keepassxc/keepassxc.ini" \
|
"$HOME/.config/keepassxc/keepassxc.ini" \
|
||||||
"$HOME/Documents/certificates/" \
|
"$HOME/Documents/certificates/" \
|
||||||
"$HOME/Documents/recovery_codes/" \
|
"$HOME/Documents/security/" \
|
||||||
"$HOME/Documents/identity/" \
|
"$HOME/Documents/identity/" \
|
||||||
"$HOME/Documents/passwords/" \
|
|
||||||
"$HOME/Documents/health/" \
|
"$HOME/Documents/health/" \
|
||||||
"$HOME/Documents/licenses/");
|
"$HOME/Documents/licenses/");
|
||||||
|
|
||||||
|
2
scripts/encryption/storage/Readme.md
Normal file
2
scripts/encryption/storage/Readme.md
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
# Storage
|
||||||
|
For security reasons storages **SHOULD** be encrypted with [LUKS](https://de.wikipedia.org/wiki/Dm-crypt#Erweiterung_mit_LUKS). To keep it standardized and easy this scripts will use [btrfs](https://de.wikipedia.org/wiki/Btrfs) as file system.
|
@ -1,5 +1,10 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
source "$(dirname "$(readlink -f "${0}")")/../../base.sh" || (echo "Loading base.sh failed." && exit 1)
|
# shellcheck disable=SC2015 # Deactivating bool hint
|
||||||
|
# shellcheck disable=SC2034 # Unused variables
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2001 # See if you can use ${variable//search/replace} instead
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/../../../base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
|
||||||
set_device_mount_partition_and_mapper_paths(){
|
set_device_mount_partition_and_mapper_paths(){
|
||||||
set_device_path &&
|
set_device_path &&
|
||||||
@ -8,7 +13,72 @@ set_device_mount_partition_and_mapper_paths(){
|
|||||||
mount_path="/media/$mapper_name" &&
|
mount_path="/media/$mapper_name" &&
|
||||||
partition_path="$device_path""1" &&
|
partition_path="$device_path""1" &&
|
||||||
info "mapper name set to : $mapper_name" &&
|
info "mapper name set to : $mapper_name" &&
|
||||||
info "mapper path set to : $mapper_path" ||
|
info "mapper path set to : $mapper_path" &&
|
||||||
info "mount path set to : $mount_path" ||
|
info "mount path set to : $mount_path" ||
|
||||||
error
|
error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# @var $1 mapper_path
|
||||||
|
# @var $2 partition_path
|
||||||
|
create_luks_key_and_update_cryptab(){
|
||||||
|
LUKS_KEY_DIRECTORY="/etc/luks-keys/" &&
|
||||||
|
info "Creating luks-key-directory..." &&
|
||||||
|
sudo mkdir $LUKS_KEY_DIRECTORY || warning "Directory exists: $LUKS_KEY_DIRECTORY" || error
|
||||||
|
luks_key_name="$1.keyfile" &&
|
||||||
|
secret_key_path="$LUKS_KEY_DIRECTORY$luks_key_name" &&
|
||||||
|
info "Generate secret key under: $secret_key_path" || error
|
||||||
|
if [ -f "$secret_key_path" ]
|
||||||
|
then
|
||||||
|
warning "File allready exist. Overwritting!"
|
||||||
|
fi
|
||||||
|
sudo dd if=/dev/urandom of="$secret_key_path" bs=512 count=8 &&
|
||||||
|
sudo cryptsetup -v luksAddKey "$2" "$secret_key_path" &&
|
||||||
|
info "Opening and closing device to verify that that everything works fine..." || error
|
||||||
|
sudo cryptsetup -v luksClose "$1" || info "No need to luksClose $1."
|
||||||
|
sudo cryptsetup -v luksOpen "$2" "$1" --key-file="$secret_key_path" &&
|
||||||
|
sudo cryptsetup -v luksClose "$1" &&
|
||||||
|
info "Reading UUID..." &&
|
||||||
|
uuid_line=$(sudo cryptsetup luksDump "$2" | grep "UUID") &&
|
||||||
|
uuid=$(echo "${uuid_line/UUID:/""}"|sed -e "s/[[:space:]]\+//g") &&
|
||||||
|
crypttab_path="/etc/crypttab" &&
|
||||||
|
crypttab_entry="$1 UUID=$uuid $secret_key_path luks" &&
|
||||||
|
info "Adding crypttab entry..." || error
|
||||||
|
if sudo grep -q "$crypttab_entry" "$crypttab_path";
|
||||||
|
then
|
||||||
|
warning "File $crypttab_path contains allready a the following entry:" &&
|
||||||
|
echo "$crypttab_entry" &&
|
||||||
|
info "Skipped." ||
|
||||||
|
error
|
||||||
|
else
|
||||||
|
sudo sh -c "echo '$crypttab_entry' >> $crypttab_path" ||
|
||||||
|
error
|
||||||
|
fi
|
||||||
|
|
||||||
|
info "The file $crypttab_path contains now the following:" &&
|
||||||
|
sudo cat $crypttab_path ||
|
||||||
|
error
|
||||||
|
}
|
||||||
|
|
||||||
|
# @var $1 mapper_name
|
||||||
|
# @var $2 mount_path
|
||||||
|
#
|
||||||
|
# If mount doesn't work adapt it manually to
|
||||||
|
# @see https://gist.github.com/MaxXor/ba1665f47d56c24018a943bb114640d7
|
||||||
|
update_fstab(){
|
||||||
|
fstab_path="/etc/fstab"
|
||||||
|
fstab_entry="$1 $2 btrfs defaults 0 2"
|
||||||
|
info "Adding fstab entry..."
|
||||||
|
if sudo grep -q "$fstab_entry" "$fstab_path"; then
|
||||||
|
warning "File $fstab_path contains allready a the following entry:" &&
|
||||||
|
echo "$fstab_entry" &&
|
||||||
|
info "Skipped." ||
|
||||||
|
error
|
||||||
|
else
|
||||||
|
sudo sh -c "echo '$fstab_entry' >> $fstab_path" ||
|
||||||
|
error
|
||||||
|
fi
|
||||||
|
|
||||||
|
info "The file $fstab_path contains now the following:" &&
|
||||||
|
sudo cat $fstab_path ||
|
||||||
|
error
|
||||||
|
}
|
||||||
|
@ -1,15 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
|
||||||
echo "Mounts encrypted storages"
|
|
||||||
|
|
||||||
set_device_mount_partition_and_mapper_paths
|
|
||||||
|
|
||||||
info "Unlock partition..." &&
|
|
||||||
sudo cryptsetup luksOpen $partition_path $mapper_name ||
|
|
||||||
error
|
|
||||||
|
|
||||||
info "Mount partition..." &&
|
|
||||||
sudo mount $mapper_path $mount_path ||
|
|
||||||
error
|
|
||||||
|
|
||||||
success "Mounting successfull :)"
|
|
@ -1,70 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
|
||||||
echo "Automount encrypted storages"
|
|
||||||
echo
|
|
||||||
set_device_mount_partition_and_mapper_paths
|
|
||||||
|
|
||||||
info "Creating key luks-key-directory..." &&
|
|
||||||
key_directory="/etc/luks-keys/" &&
|
|
||||||
sudo mkdir $key_directory || warning "Directory exists: $key_directory"
|
|
||||||
luks_key_name="$mapper_name""_name_secret_key" &&
|
|
||||||
secret_key_path="$key_directory$luks_key_name" &&
|
|
||||||
info "Generate secret key under: $secret_key_path" &&
|
|
||||||
if [ -f "$secret_key_path" ]
|
|
||||||
then
|
|
||||||
warning "File allready exist. Overwritting!"
|
|
||||||
fi
|
|
||||||
sudo dd if=/dev/urandom of=$secret_key_path bs=512 count=8 &&
|
|
||||||
sudo cryptsetup -v luksAddKey $partition_path $secret_key_path ||
|
|
||||||
error
|
|
||||||
|
|
||||||
info "Opening and closing device to verify that that everything works fine..." &&
|
|
||||||
sudo cryptsetup -v luksOpen $partition_path $mapper_name --key-file=$secret_key_path &&
|
|
||||||
sudo cryptsetup -v luksClose $mapper_name ||
|
|
||||||
error
|
|
||||||
|
|
||||||
info "Reading UUID..."
|
|
||||||
uuid_line=$(sudo cryptsetup luksDump $partition_path | grep "UUID") &&
|
|
||||||
uuid=$(echo "${uuid_line/UUID:/""}"|sed -e "s/[[:space:]]\+//g") ||
|
|
||||||
error
|
|
||||||
|
|
||||||
crypttab_path="/etc/crypttab"
|
|
||||||
crypttab_entry="$mapper_name UUID=$uuid $secret_key_path luks"
|
|
||||||
info "Adding crypttab entry..."
|
|
||||||
if sudo grep -q "$crypttab_entry" "$crypttab_path";
|
|
||||||
then
|
|
||||||
warning "File $crypttab_path contains allready a the following entry:" &&
|
|
||||||
echo "$crypttab_entry" &&
|
|
||||||
info "Skipped." ||
|
|
||||||
error
|
|
||||||
else
|
|
||||||
sudo sh -c "echo '$crypttab_entry' >> $crypttab_path" ||
|
|
||||||
error
|
|
||||||
fi
|
|
||||||
|
|
||||||
info "The file $crypttab_path contains now the following:" &&
|
|
||||||
sudo cat $crypttab_path ||
|
|
||||||
error
|
|
||||||
|
|
||||||
# info "Verifying crypttab configuration..." &&
|
|
||||||
# sudo cryptdisks_start $mapper_name ||
|
|
||||||
# error
|
|
||||||
|
|
||||||
fstab_path="/etc/fstab"
|
|
||||||
fstab_entry="$mapper_path $mount_path btrfs defaults 0 2"
|
|
||||||
info "Adding fstab entry..."
|
|
||||||
if sudo grep -q "$fstab_entry" "$fstab_path"; then
|
|
||||||
warning "File $crypttab_path contains allready a the following entry:" &&
|
|
||||||
echo "$fstab_entry" &&
|
|
||||||
info "Skipped." ||
|
|
||||||
error
|
|
||||||
else
|
|
||||||
sudo sh -c "echo '$fstab_entry' >> $fstab_path" ||
|
|
||||||
error
|
|
||||||
fi
|
|
||||||
|
|
||||||
info "The file $fstab_path contains now the following:" &&
|
|
||||||
sudo cat $fstab_path ||
|
|
||||||
error
|
|
||||||
|
|
||||||
success "Installation finished. Please restart :)"
|
|
22
scripts/encryption/storage/raid1/base.sh
Normal file
22
scripts/encryption/storage/raid1/base.sh
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2015 # Deactivating bool hint
|
||||||
|
# shellcheck disable=SC2034 # Unused variables
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/../base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
set_raid1_devices_mount_partition_and_mapper_paths(){
|
||||||
|
info "RAID1 partition 1..." &&
|
||||||
|
set_device_mount_partition_and_mapper_paths &&
|
||||||
|
partition_path_1=$partition_path &&
|
||||||
|
mapper_name_1=$mapper_name &&
|
||||||
|
mapper_path_1=$mapper_path &&
|
||||||
|
mount_path_1=$mount_path &&
|
||||||
|
device_path_1=$device_path &&
|
||||||
|
info "RAID1 partition 2..." &&
|
||||||
|
set_device_mount_partition_and_mapper_paths &&
|
||||||
|
partition_path_2=$partition_path &&
|
||||||
|
mapper_name_2=$mapper_name &&
|
||||||
|
mapper_path_2=$mapper_path &&
|
||||||
|
mount_path_2=$mount_path &&
|
||||||
|
device_path_2=$device_path || error
|
||||||
|
}
|
14
scripts/encryption/storage/raid1/mount_on_boot.sh
Normal file
14
scripts/encryption/storage/raid1/mount_on_boot.sh
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
# shellcheck disable=SC2015 #Deactivate bool hint
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
info "Automount raid1 encrypted storages..." &&
|
||||||
|
set_raid1_devices_mount_partition_and_mapper_paths &&
|
||||||
|
create_luks_key_and_update_cryptab "$mapper_name_1" "$device_path_1" &&
|
||||||
|
info "Creating mount folder unter \"$mount_path_1\"..." &&
|
||||||
|
sudo mkdir -vp "$mount_path_1" &&
|
||||||
|
create_luks_key_and_update_cryptab "$mapper_name_2" "$device_path_2" &&
|
||||||
|
update_fstab "$mapper_path_1" "$mount_path_1" &&
|
||||||
|
success "Installation finished. Please restart :)" ||
|
||||||
|
error
|
23
scripts/encryption/storage/raid1/setup.sh
Normal file
23
scripts/encryption/storage/raid1/setup.sh
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# @author Kevin Veen-Birkenbach [kevin@veen.world]
|
||||||
|
# @see https://balaskas.gr/btrfs/raid1.html
|
||||||
|
# @see https://mutschler.eu/linux/install-guides/ubuntu-btrfs-raid1/
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2015 # Deactivating bool hint
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
|
||||||
|
set_raid1_devices_mount_partition_and_mapper_paths
|
||||||
|
|
||||||
|
info "Encrypting $device_path_1..." &&
|
||||||
|
cryptsetup luksFormat "$device_path_1" &&
|
||||||
|
info "Encrypting $device_path_2..." &&
|
||||||
|
cryptsetup luksFormat "$device_path_2" &&
|
||||||
|
blkid | tail -2 &&
|
||||||
|
cryptsetup luksOpen "$device_path_1" "$mapper_name_1" &&
|
||||||
|
cryptsetup luksOpen "$device_path_2" "$mapper_name_2" &&
|
||||||
|
cryptsetup status "$mapper_path_1" &&
|
||||||
|
cryptsetup status "$mapper_path_2" &&
|
||||||
|
mkfs.btrfs -m raid1 -d raid1 "$mapper_path_1" "$mapper_path_2" &&
|
||||||
|
success "Encryption successfull :)" ||
|
||||||
|
error
|
3
scripts/encryption/storage/single_drive/base.sh
Normal file
3
scripts/encryption/storage/single_drive/base.sh
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/../base.sh" || (echo "Loading base.sh failed." && exit 1)
|
18
scripts/encryption/storage/single_drive/mount.sh
Normal file
18
scripts/encryption/storage/single_drive/mount.sh
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2015 # Deactivating bool hint
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
echo "Mounts encrypted storages"
|
||||||
|
|
||||||
|
set_device_mount_partition_and_mapper_paths
|
||||||
|
|
||||||
|
info "Unlock partition..." &&
|
||||||
|
sudo cryptsetup luksOpen "$partition_path" "$mapper_name" ||
|
||||||
|
error
|
||||||
|
|
||||||
|
info "Mount partition..." &&
|
||||||
|
sudo mount "$mapper_path" "$mount_path" ||
|
||||||
|
error
|
||||||
|
|
||||||
|
success "Mounting successfull :)"
|
13
scripts/encryption/storage/single_drive/mount_on_boot.sh
Normal file
13
scripts/encryption/storage/single_drive/mount_on_boot.sh
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
echo "Automount encrypted storages"
|
||||||
|
echo
|
||||||
|
set_device_mount_partition_and_mapper_paths
|
||||||
|
|
||||||
|
create_luks_key_and_update_cryptab "$mapper_name" "$partition_path"
|
||||||
|
|
||||||
|
update_fstab "$mapper_path" "$mount_path"
|
||||||
|
|
||||||
|
success "Installation finished. Please restart :)"
|
@ -1,3 +1,7 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2015 # Deactivating bool hint
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
echo "Setups disk encryption"
|
echo "Setups disk encryption"
|
||||||
|
|
||||||
@ -22,25 +26,25 @@ info "Creating partition table..."
|
|||||||
error
|
error
|
||||||
|
|
||||||
info "Encrypt $device_path..." &&
|
info "Encrypt $device_path..." &&
|
||||||
sudo cryptsetup -v -y luksFormat $partition_path ||
|
sudo cryptsetup -v -y luksFormat "$partition_path" ||
|
||||||
error
|
error
|
||||||
|
|
||||||
info "Unlock partition..." &&
|
info "Unlock partition..." &&
|
||||||
sudo cryptsetup luksOpen $partition_path $mapper_name ||
|
sudo cryptsetup luksOpen "$partition_path" "$mapper_name" ||
|
||||||
error
|
error
|
||||||
|
|
||||||
info "Create btrfs file system..." &&
|
info "Create btrfs file system..." &&
|
||||||
sudo mkfs.btrfs $mapper_path || error
|
sudo mkfs.btrfs "$mapper_path" || error
|
||||||
|
|
||||||
info "Creating mount folder unter \"$mount_path\"..." &&
|
info "Creating mount folder unter \"$mount_path\"..." &&
|
||||||
sudo mkdir -p $mount_path || error
|
sudo mkdir -p "$mount_path" || error
|
||||||
|
|
||||||
info "Mount partition..." &&
|
info "Mount partition..." &&
|
||||||
sudo mount $mapper_path $mount_path ||
|
sudo mount "$mapper_path" "$mount_path" ||
|
||||||
error
|
error
|
||||||
|
|
||||||
info "Own partition by user..." &&
|
info "Own partition by user..." &&
|
||||||
sudo chown -R $USER:$USER $mount_path ||
|
sudo chown -R "$USER":"$USER" "$mount_path" ||
|
||||||
error
|
error
|
||||||
|
|
||||||
success "Encryption successfull :)"
|
success "Encryption successfull :)"
|
15
scripts/encryption/storage/single_drive/umount.sh
Normal file
15
scripts/encryption/storage/single_drive/umount.sh
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# shellcheck disable=SC1090 # Can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC2015 # Deactivating bool hint
|
||||||
|
# shellcheck disable=SC2154 # Referenced but not assigned
|
||||||
|
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
||||||
|
echo "Unmount encrypted storages"
|
||||||
|
|
||||||
|
set_device_mount_partition_and_mapper_paths
|
||||||
|
|
||||||
|
info "Unmount $mapper_path..."
|
||||||
|
sudo umount "$mapper_path" &&
|
||||||
|
sudo cryptsetup luksClose "$mapper_path" ||
|
||||||
|
error
|
||||||
|
|
||||||
|
success "Successfull :)"
|
@ -1,12 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
|
|
||||||
echo "Unmount encrypted storages"
|
|
||||||
|
|
||||||
set_device_mount_partition_and_mapper_paths
|
|
||||||
|
|
||||||
info "Unmount $mapper_path..."
|
|
||||||
sudo umount $mapper_path &&
|
|
||||||
sudo cryptsetup luksClose $mapper_path ||
|
|
||||||
error
|
|
||||||
|
|
||||||
success "Successfull :)"
|
|
Loading…
Reference in New Issue
Block a user