Initial commit
This commit is contained in:
commit
92817e8d97
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
mounts.conf
|
||||||
21
README.md
Normal file
21
README.md
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# Mounting encrypted volumes helper
|
||||||
|
|
||||||
|
crypt-mounts' purpose is to reduce to one the commands needed to mount punctually encrypted volumes.
|
||||||
|
|
||||||
|
### Introduction
|
||||||
|
One defines their mounts in `mounts.conf`, giving for each:
|
||||||
|
* the mapper name (usually defined in `/etc/crypttab`);
|
||||||
|
* the mount target path;
|
||||||
|
* a friendly name for the mount (optional);
|
||||||
|
* a boolean for enabling auto-locking (i.e. closing encrypted volume when unmounted) or not.
|
||||||
|
|
||||||
|
The install script then generates a Systemd mount file for each mount, with the required bindings.
|
||||||
|
|
||||||
|
### Files
|
||||||
|
* `variables.conf.template` contains examples variables definitions, and should be copied locally to `variables.conf`
|
||||||
|
(with any required modifications).
|
||||||
|
* `systemd-templates/` contains Systemd units templates for running the script unattended.
|
||||||
|
#### Installation
|
||||||
|
* `install.sh` script copies Systemd templates to their destination, and enables conf-sync timer.
|
||||||
|
|
||||||
|
### TODO
|
||||||
2
close-vault.conf.template
Normal file
2
close-vault.conf.template
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
[Unit]
|
||||||
|
BindsTo=PH_MOUNTFILE
|
||||||
29
install.sh
Executable file
29
install.sh
Executable file
@ -0,0 +1,29 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
source "$(dirname "$0")/mounts.conf"
|
||||||
|
|
||||||
|
echo "Copying Systemd units to system directory..."
|
||||||
|
for mount in $mounts; do
|
||||||
|
mountfile=$(echo ${mount[target]} | sed -e "s:/:-:g")
|
||||||
|
mountfile=${mountfile:1}.mount
|
||||||
|
sudo cp $(dirname "$0")/template.mount /etc/systemd/system/$mountfile
|
||||||
|
sudo sed -i -e "s/PH_MAPPER/${mount[mapper]}/g" /etc/systemd/system/$mountfile
|
||||||
|
sudo sed -i -e "s:PH_TARGET:${mount[target]}:g" /etc/systemd/system/$mountfile
|
||||||
|
if [ "${mount[friendly]}" != '' ]; then
|
||||||
|
sudo sed -i -e "s/PH_FRIENDLY/${mount[friendly]}/g" /etc/systemd/system/$mountfile
|
||||||
|
else
|
||||||
|
sudo sed -i -e "s/PH_FRIENDLY/${mount[mapper]}/g" /etc/systemd/system/$mountfile
|
||||||
|
fi
|
||||||
|
if [ ${mount[autlock]} -eq 1 ]; then
|
||||||
|
sudo cp $(dirname "$0")/close-vault.conf.template \
|
||||||
|
/etc/systemd/system/systemd-cryptsetup@${mount[mapper]}.service.d/close-vault.conf
|
||||||
|
sudo sed -i -e "s/PH_MOUNTFILE/$mountfile/g" \
|
||||||
|
/etc/systemd/system/systemd-cryptsetup@${mount[mapper]}.service.d/close-vault.conf
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "Reloading Systemd..."
|
||||||
|
sudo systemctl daemon-reload
|
||||||
|
|
||||||
|
echo "Finished install. Exiting..."
|
||||||
|
exit 0
|
||||||
13
mounts.conf.template
Normal file
13
mounts.conf.template
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# Copy this file as mounts.conf, and add your volumes.
|
||||||
|
|
||||||
|
declare -A mount1
|
||||||
|
mount1[mapper]='' # As in /dev/mapper/<?>
|
||||||
|
mount1[target]='' # Mount point (absolute path)
|
||||||
|
mount1[friendly]='' # Optional friendly name for unit file Description
|
||||||
|
mount1[autolock]=0 # Set to 1 to enable autolock
|
||||||
|
|
||||||
|
mounts=(
|
||||||
|
$mount1
|
||||||
|
#$mount2...
|
||||||
|
)
|
||||||
10
template.mount
Normal file
10
template.mount
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Mount PH_FRIENDLY Volume
|
||||||
|
# Below Requisite could be a Wants
|
||||||
|
Requisite=systemd-cryptsetup@PH_MAPPER.service
|
||||||
|
After=systemd-cryptsetup@PH_MAPPER.service
|
||||||
|
|
||||||
|
[Mount]
|
||||||
|
What=/dev/mapper/PH_MAPPER
|
||||||
|
Where=PH_TARGET
|
||||||
|
Options=rw,relatime
|
||||||
Loading…
Reference in New Issue
Block a user