From 1f7fb66baee1b1c655eafef51b7603c2773a6a84 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Mon, 19 Jun 2023 22:38:59 +0200
Subject: Added features

hehe
---
 license   | 13 +++++++++++++
 makefile  |  7 +++++++
 readme.md | 12 ++++++++++++
 vault.sh  | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++---------
 4 files changed, 86 insertions(+), 9 deletions(-)
 create mode 100644 license
 create mode 100644 makefile
 create mode 100644 readme.md

diff --git a/license b/license
new file mode 100644
index 0000000..1fb6990
--- /dev/null
+++ b/license
@@ -0,0 +1,13 @@
+           DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+                   Version 2, December 2004
+
+Copyright (C) 2023 Marvin Borner <develop@marvinborner.de>
+
+Everyone is permitted to copy and distribute verbatim or modified
+copies of this license document, and changing it is allowed as long
+as the name is changed.
+
+           DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+  TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. You just DO WHAT THE FUCK YOU WANT TO.
diff --git a/makefile b/makefile
new file mode 100644
index 0000000..c51bf60
--- /dev/null
+++ b/makefile
@@ -0,0 +1,7 @@
+TARGET=vault
+PREFIX?=/usr/local
+
+install:
+	@mkdir -p $(PREFIX)/bin
+	@cp -f $(TARGET).sh $(PREFIX)/bin/$(TARGET)
+	@chmod 755 $(PREFIX)/bin/$(TARGET)
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..f15f163
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,12 @@
+# Vault
+
+> simple tool for storing files securely using luks encryption
+
+[![demo](https://asciinema.org/a/UU1AhA26xlIs9bWkUMmJAYTbm.svg)](https://asciinema.org/a/UU1AhA26xlIs9bWkUMmJAYTbm?autoplay=1)
+
+## Instructions
+
+-   understand (and adapt) `vault.sh`
+-   install `cryptsetup`, `e2fsprogs` and `qemu-img` (for resizing)
+-   `sudo make install`
+-   `vault help`
diff --git a/vault.sh b/vault.sh
index 5aa7e40..28dc235 100755
--- a/vault.sh
+++ b/vault.sh
@@ -5,18 +5,22 @@ prompt_password() {
 	printf "Enter password: "
 	trap 'stty echo' INT
 	stty -echo
-	read PASSWORD
+	read -r PASSWORD
 	stty echo
 	printf "\n"
 	PASSWORD="$(echo "$PASSWORD" | shasum | awk '{print $1}')"
 }
 
+usage() {
+	echo "Usage: vault <new|open|close|resize> <vault>"
+	exit 1
+}
+
 random=$(tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c10)
 
 if [ "$1" = "new" ]; then
 	if [ -z "$2" ]; then
-		echo "Usage: $0 new <vault>"
-		exit 1
+		usage
 	fi
 
 	if [ -f "$2" ]; then
@@ -36,7 +40,7 @@ if [ "$1" = "new" ]; then
 
 	prompt_password
 
-	dd if=/dev/zero of="$vault" bs=1M count=32
+	dd if=/dev/zero of="$vault" bs=1M count=32 >/dev/null 2>&1
 	echo "$PASSWORD" | cryptsetup -q -d - luksFormat "$vault"
 
 	echo "$PASSWORD" | sudo cryptsetup -q -d - luksOpen "$vault" "$ident"
@@ -44,15 +48,20 @@ if [ "$1" = "new" ]; then
 	sudo cryptsetup -q luksClose "$ident"
 elif [ "$1" = "open" ]; then
 	if [ -z "$2" ]; then
-		echo "Usage: $0 open <vault>"
-		exit 1
+		usage
 	fi
 
-	if [ ! -f ./"$(basename "$2")" ]; then
+	base="$(basename "$2")"
+	if [ ! -f ./"$base" ]; then
 		echo "You need to be in the same directory as the vault file"
 		exit 1
 	fi
 
+	if [ -d ./"$base" ]; then
+		echo "There already exists a directory $base"
+		exit 1
+	fi
+
 	vault="$2"
 	ident="$vault$random"
 	newname=".$vault-$ident"
@@ -64,10 +73,10 @@ elif [ "$1" = "open" ]; then
 	mkdir "$vault"
 	echo "$PASSWORD" | sudo cryptsetup -q -d - luksOpen "$newname" "$ident"
 	sudo mount /dev/mapper/"$ident" "$vault"
+	sudo chown "$USER" "$vault"
 elif [ "$1" = "close" ]; then
 	if [ -z "$2" ]; then
-		echo "Usage: $0 close <vault>"
-		exit 1
+		usage
 	fi
 
 	base="$(basename "$2")"
@@ -91,4 +100,40 @@ elif [ "$1" = "close" ]; then
 	sudo cryptsetup -q luksClose "$ident"
 	rm -rf "$opened"
 	mv "$vault" "$opened"
+elif [ "$1" = "resize" ]; then
+	if [ -z "$2" ]; then
+		usage
+	fi
+
+	if [ ! -f ./"$(basename "$2")" ]; then
+		echo "You need to be in the same directory as the vault file"
+		exit 1
+	fi
+
+	vault="$2"
+	ident="$vault$random"
+
+	# echo "Backing up $vault to .$ident.bak"
+	cp "$vault" ".$ident.bak"
+
+	current="$(ls -lh "$vault" | awk '{print $5}')"
+	echo "Current: $current"
+	printf "Expand by: "
+	read -r increase
+
+	# TODO: remove requirement for qemu-img
+	# I tried using dd/truncate/etc but it didn't work..
+	qemu-img resize -q -f raw "$vault" +"$increase"
+
+	prompt_password
+
+	echo "$PASSWORD" | sudo cryptsetup -q -d - luksOpen "$vault" "$ident"
+	echo "$PASSWORD" | sudo cryptsetup -q -d - resize /dev/mapper/"$ident"
+	sudo e2fsck -f /dev/mapper/"$ident" >/dev/null 2>&1
+	sudo resize2fs /dev/mapper/"$ident" >/dev/null 2>&1
+	sudo cryptsetup -q luksClose "$ident"
+
+	rm ".$ident.bak"
+else
+	usage
 fi
-- 
cgit v1.2.3