Added draft for storage encryption procedures

scripts/encryption/data/lock.sh

@@ -5,7 +5,7 @@
 #
 # shellcheck disable=SC2015  # Deactivating bool hint
 # shellcheck source=/dev/null # Deactivate SC1090
-source "$(dirname "$(readlink -f "${0}")")/../base.sh" || (echo "Loading base.sh failed." && exit 1)
+source "$(dirname "$(readlink -f "${0}")")/../../base.sh" || (echo "Loading base.sh failed." && exit 1)
 info "Locking directory $DECRYPTED_PATH..." &&
 fusermount -u "$DECRYPTED_PATH" || error "Unmounting failed."
 info "Data is now encrypted."

scripts/encryption/data/unlock.sh

@@ -5,7 +5,7 @@
 #
 # shellcheck source=/dev/null # Deactivate SC1090
 # shellcheck disable=SC2015  # Deactivating bool hint
-source "$(dirname "$(readlink -f "${0}")")/../base.sh" || (echo "Loading base.sh failed." && exit 1)
+source "$(dirname "$(readlink -f "${0}")")/../../base.sh" || (echo "Loading base.sh failed." && exit 1)
 info "Unlocking directory $DECRYPTED_PATH..."
 if [ ! -d "$DECRYPTED_PATH" ]
   then

scripts/encryption/storage/base.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+source "$(dirname "$(readlink -f "${0}")")/../../base.sh" || (echo "Loading base.sh failed." && exit 1)
+
+set_device_mount_and_mapper_paths(){
+  set_device_path &&
+  mapper_name="encrypteddrive-$device" &&
+  mapper_path="/dev/mapper/$mapper_name" &&
+  mount_path="/media/$mapper_name" &&
+  info "mapper name set to : $mapper_name" &&
+  info "mapper path set to : $mapper_path" ||
+  info "mount path set to : $mount_path" ||
+  error
+}

scripts/encryption/storage/mount.sh

@@ -0,0 +1,14 @@
+source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
+echo "Mounting encrypted storage..."
+
+set_device_mount_and_mapper_paths
+
+info "Unlock partition..." &&
+sudo cryptsetup luksOpen $device_path $mapper_name ||
+error
+
+info "Mount partition..." &&
+sudo mount $mapper_path $mount_path ||
+error
+
+success "Mounting successfull :)"

scripts/encryption/storage/setup.sh

@@ -0,0 +1,40 @@
+source "$(dirname "$(readlink -f "${0}")")/base.sh" || (echo "Loading base.sh failed." && exit 1)
+echo "Setups disk encryption"
+
+set_device_mount_and_mapper_paths
+
+info "Overwritting device \"$device_path\" with zeros..." &&
+sudo dd if=/dev/zero of=$device_path bs=$OPTIMAL_BLOCKSIZE status=progress conv=fdatasync ||
+error
+
+info "Creating new GPT partition table..."
+(	echo "g"	# create a new empty GPT partition table
+  echo "w"  # Write partition table
+)| sudo fdisk "$device_path" || error
+
+info "Creating partition table..."
+(	echo "n"	# Create GPT partition table
+  echo "p"	# Create GPT partition table
+  echo "w"  # Write partition table
+)| sudo fdisk "$device_path" || error
+
+info "Show memory devices..." &&
+sudo fdisk -l || error
+
+info "Encrypt $device_path..." &&
+sudo cryptsetup -v -y luksFormat $device_path
+
+info "Unlock partition..." &&
+sudo cryptsetup luksOpen $device_path $mapper_name
+
+info "Create btrfs file system..." &&
+sudo mkfs.btrfs $mapper_path || error
+
+info "Creating mount folder unter \"$mount_path\"..." &&
+mkdir -p $mount_path || error
+
+info "Mount partition..." &&
+sudo mount $mapper_path $mount_path || error
+
+info "Own partition by user..." &&
+sudo chown -R $USER:$USER $mount_path || error