diff options
| author | Marvin Borner | 2023-06-19 22:38:59 +0200 |
|---|---|---|
| committer | Marvin Borner | 2023-06-19 22:38:59 +0200 |
| commit | 1f7fb66baee1b1c655eafef51b7603c2773a6a84 (patch) | |
| tree | 7cdcde0bcb924b4f081c20c049b56497c52659f0 | |
| parent | 01a943366a5eb813627c6131aeb952a98b2c46a7 (diff) | |
Added features
hehe
| -rw-r--r-- | license | 13 | ||||
| -rw-r--r-- | makefile | 7 | ||||
| -rw-r--r-- | readme.md | 12 | ||||
| -rwxr-xr-x | vault.sh | 63 |
4 files changed, 86 insertions, 9 deletions
@@ -0,0 +1,13 @@ + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 + +Copyright (C) 2023 Marvin Borner <develop@marvinborner.de> + +Everyone is permitted to copy and distribute verbatim or modified +copies of this license document, and changing it is allowed as long +as the name is changed. + + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. You just DO WHAT THE FUCK YOU WANT TO. diff --git a/makefile b/makefile new file mode 100644 index 0000000..c51bf60 --- /dev/null +++ b/makefile @@ -0,0 +1,7 @@ +TARGET=vault +PREFIX?=/usr/local + +install: + @mkdir -p $(PREFIX)/bin + @cp -f $(TARGET).sh $(PREFIX)/bin/$(TARGET) + @chmod 755 $(PREFIX)/bin/$(TARGET) diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..f15f163 --- /dev/null +++ b/readme.md @@ -0,0 +1,12 @@ +# Vault + +> simple tool for storing files securely using luks encryption + +[](https://asciinema.org/a/UU1AhA26xlIs9bWkUMmJAYTbm?autoplay=1) + +## Instructions + +- understand (and adapt) `vault.sh` +- install `cryptsetup`, `e2fsprogs` and `qemu-img` (for resizing) +- `sudo make install` +- `vault help` @@ -5,18 +5,22 @@ prompt_password() { printf "Enter password: " trap 'stty echo' INT stty -echo - read PASSWORD + read -r PASSWORD stty echo printf "\n" PASSWORD="$(echo "$PASSWORD" | shasum | awk '{print $1}')" } +usage() { + echo "Usage: vault <new|open|close|resize> <vault>" + exit 1 +} + random=$(tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c10) if [ "$1" = "new" ]; then if [ -z "$2" ]; then - echo "Usage: $0 new <vault>" - exit 1 + usage fi if [ -f "$2" ]; then @@ -36,7 +40,7 @@ if [ "$1" = "new" ]; then prompt_password - dd if=/dev/zero of="$vault" bs=1M count=32 + dd if=/dev/zero of="$vault" bs=1M count=32 >/dev/null 2>&1 echo "$PASSWORD" | cryptsetup -q -d - luksFormat "$vault" echo "$PASSWORD" | sudo cryptsetup -q -d - luksOpen "$vault" "$ident" @@ -44,15 +48,20 @@ if [ "$1" = "new" ]; then sudo cryptsetup -q luksClose "$ident" elif [ "$1" = "open" ]; then if [ -z "$2" ]; then - echo "Usage: $0 open <vault>" - exit 1 + usage fi - if [ ! -f ./"$(basename "$2")" ]; then + base="$(basename "$2")" + if [ ! -f ./"$base" ]; then echo "You need to be in the same directory as the vault file" exit 1 fi + if [ -d ./"$base" ]; then + echo "There already exists a directory $base" + exit 1 + fi + vault="$2" ident="$vault$random" newname=".$vault-$ident" @@ -64,10 +73,10 @@ elif [ "$1" = "open" ]; then mkdir "$vault" echo "$PASSWORD" | sudo cryptsetup -q -d - luksOpen "$newname" "$ident" sudo mount /dev/mapper/"$ident" "$vault" + sudo chown "$USER" "$vault" elif [ "$1" = "close" ]; then if [ -z "$2" ]; then - echo "Usage: $0 close <vault>" - exit 1 + usage fi base="$(basename "$2")" @@ -91,4 +100,40 @@ elif [ "$1" = "close" ]; then sudo cryptsetup -q luksClose "$ident" rm -rf "$opened" mv "$vault" "$opened" +elif [ "$1" = "resize" ]; then + if [ -z "$2" ]; then + usage + fi + + if [ ! -f ./"$(basename "$2")" ]; then + echo "You need to be in the same directory as the vault file" + exit 1 + fi + + vault="$2" + ident="$vault$random" + + # echo "Backing up $vault to .$ident.bak" + cp "$vault" ".$ident.bak" + + current="$(ls -lh "$vault" | awk '{print $5}')" + echo "Current: $current" + printf "Expand by: " + read -r increase + + # TODO: remove requirement for qemu-img + # I tried using dd/truncate/etc but it didn't work.. + qemu-img resize -q -f raw "$vault" +"$increase" + + prompt_password + + echo "$PASSWORD" | sudo cryptsetup -q -d - luksOpen "$vault" "$ident" + echo "$PASSWORD" | sudo cryptsetup -q -d - resize /dev/mapper/"$ident" + sudo e2fsck -f /dev/mapper/"$ident" >/dev/null 2>&1 + sudo resize2fs /dev/mapper/"$ident" >/dev/null 2>&1 + sudo cryptsetup -q luksClose "$ident" + + rm ".$ident.bak" +else + usage fi |