mirror of
https://github.com/kevinveenbirkenbach/linux-image-manager.git
synced 2024-11-22 15:11:04 +01:00
Implemented encryption mechanism for data
This commit is contained in:
parent
affcc26512
commit
dc72bd5d31
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
data/
|
data/
|
||||||
|
.encrypted/
|
||||||
|
14
README.md
14
README.md
@ -23,15 +23,21 @@ To export configuration files to the system you have to execute:
|
|||||||
```bash
|
```bash
|
||||||
bash ./scripts/export-data-to-system.sh
|
bash ./scripts/export-data-to-system.sh
|
||||||
```
|
```
|
||||||
### Decrypt Data
|
### Unlock Data
|
||||||
To decrypt the data you have to execute:
|
To decrypt the data you have to execute:
|
||||||
```bash
|
```bash
|
||||||
bash ./scripts/decrypt-data.sh
|
bash ./scripts/unlock.sh
|
||||||
```
|
```
|
||||||
### Encrypt Data
|
### Lock Data
|
||||||
To encrypt the data you have to execute:
|
To encrypt the data you have to execute:
|
||||||
```bash
|
```bash
|
||||||
bash ./scripts/encrypt-data.sh
|
bash ./scripts/lock.sh
|
||||||
|
```
|
||||||
|
|
||||||
|
### Change Data Password
|
||||||
|
To change the encryption password you have to type in:
|
||||||
|
```bash
|
||||||
|
encfsctl passwd .encrypted
|
||||||
```
|
```
|
||||||
## License
|
## License
|
||||||
The ["GNU GENERAL PUBLIC LICENSE Version 3"](./LICENSE.txt) applies to this project.
|
The ["GNU GENERAL PUBLIC LICENSE Version 3"](./LICENSE.txt) applies to this project.
|
||||||
|
@ -1 +0,0 @@
|
|||||||
#!/bin/bash
|
|
@ -1 +0,0 @@
|
|||||||
#!/bin/bash
|
|
@ -3,6 +3,11 @@
|
|||||||
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
||||||
# @param $1 If the first parameter is "reverse" the data will be exported to the system
|
# @param $1 If the first parameter is "reverse" the data will be exported to the system
|
||||||
DATA_FOLDER=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
DATA_FOLDER=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
||||||
|
if [ -z $(mount | grep $DATA_FOLDER) ]
|
||||||
|
then
|
||||||
|
echo "The data folder $DATA_FOLDER is locked. You need to unlock it!"
|
||||||
|
bash "$(dirname "$(readlink -f "${0}")")/unlock.sh" || exit 1;
|
||||||
|
fi
|
||||||
declare -a BACKUP_LIST=("$HOME/.ssh/" "$HOME/.gitconfig");
|
declare -a BACKUP_LIST=("$HOME/.ssh/" "$HOME/.gitconfig");
|
||||||
for system_item_path in "${BACKUP_LIST[@]}";
|
for system_item_path in "${BACKUP_LIST[@]}";
|
||||||
do
|
do
|
||||||
@ -31,11 +36,11 @@ do
|
|||||||
cp -vi "$source" "$destination"
|
cp -vi "$source" "$destination"
|
||||||
else
|
else
|
||||||
if [ -d "$source" ]
|
if [ -d "$source" ]
|
||||||
then
|
then
|
||||||
echo "Copy data from directory $source to directory $destination_dir..."
|
echo "Copy data from directory $source to directory $destination_dir..."
|
||||||
cp -vir "$source" "$destination_dir"
|
cp -vir "$source" "$destination_dir"
|
||||||
else
|
else
|
||||||
echo "$source doesn't exist. Copying data is not possible."
|
echo "$source doesn't exist. Copying data is not possible."
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
6
scripts/lock.sh
Normal file
6
scripts/lock.sh
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Locks the data
|
||||||
|
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
||||||
|
DECRYPTED=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
||||||
|
echo "Locking directory: $DECRYPTED"
|
||||||
|
fusermount -u $DECRYPTED && echo "Data is now encrypted."
|
@ -1,13 +1,13 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
echo "--------------------------------------------"
|
echo "Start setup of customized core software..."
|
||||||
echo "Customized Pacman Core Software"
|
|
||||||
echo "--------------------------------------------"
|
|
||||||
echo ""
|
|
||||||
echo "Synchronising packages..."
|
echo "Synchronising packages..."
|
||||||
echo "Synchronizing programing languages..."
|
echo "Synchronizing programing languages..."
|
||||||
sudo pacman --needed -S jdk11-openjdk python php
|
sudo pacman --needed -S jdk11-openjdk python php
|
||||||
echo "Synchronizing administration tools..."
|
echo "Synchronizing administration tools..."
|
||||||
sudo pacman --needed -S htop tree git base-devel yay make gcc cmake
|
sudo pacman --needed -S htop tree git base-devel yay make gcc cmake
|
||||||
|
echo "Synchronizing security tools..."
|
||||||
|
sudo pacman --needed -S ecryptfs-utils encfs
|
||||||
|
echo "Setup SSH key"
|
||||||
ssh_key_path="$HOME/.ssh/id_rsa"
|
ssh_key_path="$HOME/.ssh/id_rsa"
|
||||||
if [ ! -f "$ssh_key_path" ]; then
|
if [ ! -f "$ssh_key_path" ]; then
|
||||||
echo "SSH key $ssh_key_path doesn't exists!"
|
echo "SSH key $ssh_key_path doesn't exists!"
|
||||||
|
7
scripts/unlock.sh
Normal file
7
scripts/unlock.sh
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Unlocks the data
|
||||||
|
# @author Kevin Veen-Birkenbach [aka. Frantz]
|
||||||
|
ENCRYPTED=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../.encrypted");
|
||||||
|
DECRYPTED=$(readlink -f "$(dirname "$(readlink -f "${0}")")/../data");
|
||||||
|
echo "Unlocking directory: $DECRYPTED"
|
||||||
|
encfs $ENCRYPTED $DECRYPTED && echo "ATTENTION: DATA IS NOW DECRYPTED!"
|
Loading…
Reference in New Issue
Block a user