mirror of
https://github.com/kevinveenbirkenbach/linux-image-manager.git
synced 2024-12-22 12:05:04 +01:00
Implemented encryption mechanism for data
This commit is contained in:
parent
affcc26512
commit
dc72bd5d31
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
||||
data/
|
||||
.encrypted/
|
||||
|
16
README.md
16
README.md
@ -4,7 +4,7 @@
|
||||
This repository contains scripts to set up an working client system, maintain it and to save the data on an USB stick.
|
||||
It's adapted to the needs of Kevin Veen-Birkenbach aka. Frantz.
|
||||
## Requirements
|
||||
This script is optimized for a [Manjaro Linux](https://manjaro.org) with [GNOME desktop](https://www.gnome.org/?).
|
||||
This script is optimized for a [Manjaro Linux](https://manjaro.org) with [GNOME desktop](https://www.gnome.org/?).
|
||||
Specific system requirements are described in the [.travis file](./.travis).
|
||||
|
||||
## Functions
|
||||
@ -23,15 +23,21 @@ To export configuration files to the system you have to execute:
|
||||
```bash
|
||||
bash ./scripts/export-data-to-system.sh
|
||||
```
|
||||
### Decrypt Data
|
||||
### Unlock Data
|
||||
To decrypt the data you have to execute:
|
||||
```bash
|
||||
bash ./scripts/decrypt-data.sh
|
||||
bash ./scripts/unlock.sh
|
||||
```
|
||||
### Encrypt Data
|
||||
### Lock Data
|
||||
To encrypt the data you have to execute:
|
||||
```bash
|
||||
bash ./scripts/encrypt-data.sh
|
||||
bash ./scripts/lock.sh
|
||||
```
|
||||
|
||||
### Change Data Password
|
||||
To change the encryption password you have to type in:
|
||||
```bash
|
||||
encfsctl passwd .encrypted
|
||||
```
|
||||
## License
|
||||
The ["GNU GENERAL PUBLIC LICENSE Version 3"](./LICENSE.txt) applies to this project.
|
||||
|
@ -1 +0,0 @@
|
||||
#!/bin/bash
|
@ -1 +0,0 @@
|
||||
#!/bin/bash
|
@ -3,6 +3,11 @@
|
||||
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
||||
# @param $1 If the first parameter is "reverse" the data will be exported to the system
|
||||
DATA_FOLDER=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
||||
if [ -z $(mount | grep $DATA_FOLDER) ]
|
||||
then
|
||||
echo "The data folder $DATA_FOLDER is locked. You need to unlock it!"
|
||||
bash "$(dirname "$(readlink -f "${0}")")/unlock.sh" || exit 1;
|
||||
fi
|
||||
declare -a BACKUP_LIST=("$HOME/.ssh/" "$HOME/.gitconfig");
|
||||
for system_item_path in "${BACKUP_LIST[@]}";
|
||||
do
|
||||
@ -31,11 +36,11 @@ do
|
||||
cp -vi "$source" "$destination"
|
||||
else
|
||||
if [ -d "$source" ]
|
||||
then
|
||||
echo "Copy data from directory $source to directory $destination_dir..."
|
||||
cp -vir "$source" "$destination_dir"
|
||||
else
|
||||
echo "$source doesn't exist. Copying data is not possible."
|
||||
fi
|
||||
then
|
||||
echo "Copy data from directory $source to directory $destination_dir..."
|
||||
cp -vir "$source" "$destination_dir"
|
||||
else
|
||||
echo "$source doesn't exist. Copying data is not possible."
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
6
scripts/lock.sh
Normal file
6
scripts/lock.sh
Normal file
@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
# Locks the data
|
||||
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
||||
DECRYPTED=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
||||
echo "Locking directory: $DECRYPTED"
|
||||
fusermount -u $DECRYPTED && echo "Data is now encrypted."
|
@ -1,13 +1,13 @@
|
||||
#!/bin/bash
|
||||
echo "--------------------------------------------"
|
||||
echo "Customized Pacman Core Software"
|
||||
echo "--------------------------------------------"
|
||||
echo ""
|
||||
echo "Start setup of customized core software..."
|
||||
echo "Synchronising packages..."
|
||||
echo "Synchronizing programing languages..."
|
||||
sudo pacman --needed -S jdk11-openjdk python php
|
||||
echo "Synchronizing administration tools..."
|
||||
sudo pacman --needed -S htop tree git base-devel yay make gcc cmake
|
||||
echo "Synchronizing security tools..."
|
||||
sudo pacman --needed -S ecryptfs-utils encfs
|
||||
echo "Setup SSH key"
|
||||
ssh_key_path="$HOME/.ssh/id_rsa"
|
||||
if [ ! -f "$ssh_key_path" ]; then
|
||||
echo "SSH key $ssh_key_path doesn't exists!"
|
||||
|
7
scripts/unlock.sh
Normal file
7
scripts/unlock.sh
Normal file
@ -0,0 +1,7 @@
|
||||
#!/bin/bash
|
||||
# Unlocks the data
|
||||
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
||||
ENCRYPTED=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../.encrypted");
|
||||
DECRYPTED=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
||||
echo "Unlocking directory: $DECRYPTED"
|
||||
encfs $ENCRYPTED $DECRYPTED && echo "ATTENTION: DATA IS NOW DECRYPTED!"
|
Loading…
Reference in New Issue
Block a user