nixfiles/profiles/nixos/usbAutoMount.nix

{
  pkgs,
  self,
  ...
}: let
  encryptedUSB = import "${self}/data/drives/encryptedUSB.nix";

  encUSBMount = pkgs.writeShellScriptBin "enc_usb_mount" ''
    export MAPPER_NAME=''${MAPPER_NAME:-${encryptedUSB.mapperName}}
    set -x
    ${encUSBUnmount}/bin/enc_usb_unmount
    cat /secrets/usb_encryption_passphrase | cryptsetup luksOpen ${encryptedUSB.encryptedPath} $MAPPER_NAME -
    mount /dev/mapper/$MAPPER_NAME -o rw ${encryptedUSB.mountpoint}
  '';

  encUSBUnmount = pkgs.writeShellScriptBin "enc_usb_unmount" ''
    export MAPPER_NAME=''${MAPPER_NAME:-${encryptedUSB.mapperName}}
    set -x
    umount -flR ${encryptedUSB.mountpoint} || true
    cryptsetup close $MAPPER_NAME || true
  '';
in {
  environment.systemPackages = [encUSBMount encUSBUnmount];

  systemd.tmpfiles.rules = ["d ${encryptedUSB.mountpoint} - chaos root"];

  systemd.services.enc-usb-mount = {
    path = [pkgs.util-linux pkgs.cryptsetup];
    wantedBy = ["multi-user.target"];
    script = ''
      ${encUSBMount}/bin/enc_usb_mount
    '';
  };

  systemd.services.enc-usb-unmount = {
    path = [pkgs.util-linux pkgs.cryptsetup];
    script = ''
      ${encUSBMount}/bin/enc_usb_unmount
    '';
  };

  services.udev.extraRules = ''
    ACTION=="add", ENV{PARTNAME}=="${encryptedUSB.encryptedPartLabel}", ENV{SYSTEMD_WANTS}="enc-usb-mount.service", ENV{UDISKS_PRESENTATION_HIDE}="1"
    ACTION=="remove", ENV{PARTNAME}=="${encryptedUSB.encryptedPartLabel}", ENV{SYSTEMD_WANTS}="enc-usb-unmount.service"
  '';
}
initial cleanup work 2024-07-24 14:13:59 +01:00			`{`
			`pkgs,`
			`self,`
			`...`
			`}: let`
			`encryptedUSB = import "${self}/data/drives/encryptedUSB.nix";`
major tidy 2023-09-18 03:56:58 +01:00
more work on piped stuff 2023-09-19 17:53:44 +01:00			`encUSBMount = pkgs.writeShellScriptBin "enc_usb_mount" ''`
gaming updates, font sizes and encrypted usb 2024-07-17 20:13:22 +01:00			`export MAPPER_NAME=''${MAPPER_NAME:-${encryptedUSB.mapperName}}`
change how usb drive automount works 2022-12-14 10:08:14 +00:00			`set -x`
start work on maybe a arm server 2023-09-19 22:30:02 +01:00			`${encUSBUnmount}/bin/enc_usb_unmount`
gaming updates, font sizes and encrypted usb 2024-07-17 20:13:22 +01:00			`cat /secrets/usb_encryption_passphrase \| cryptsetup luksOpen ${encryptedUSB.encryptedPath} $MAPPER_NAME -`
			`mount /dev/mapper/$MAPPER_NAME -o rw ${encryptedUSB.mountpoint}`
tablet 2022-11-10 11:25:33 +00:00			`'';`
formatting of usb-automount file 2022-12-14 10:11:51 +00:00
more work on piped stuff 2023-09-19 17:53:44 +01:00			`encUSBUnmount = pkgs.writeShellScriptBin "enc_usb_unmount" ''`
fix warnings & deprecations 2024-07-18 18:30:10 +01:00			`export MAPPER_NAME=''${MAPPER_NAME:-${encryptedUSB.mapperName}}`
			`set -x`
			`umount -flR ${encryptedUSB.mountpoint} \|\| true`
			`cryptsetup close $MAPPER_NAME \|\| true`
tablet 2022-11-10 11:25:33 +00:00			`'';`
			`in {`
more work on piped stuff 2023-09-19 17:53:44 +01:00			`environment.systemPackages = [encUSBMount encUSBUnmount];`
tablet 2022-11-10 11:25:33 +00:00
major tidy 2023-09-18 03:56:58 +01:00			`systemd.tmpfiles.rules = ["d ${encryptedUSB.mountpoint} - chaos root"];`
tablet 2022-11-10 11:25:33 +00:00
change how usb drive automount works 2022-12-14 10:08:14 +00:00			`systemd.services.enc-usb-mount = {`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`path = [pkgs.util-linux pkgs.cryptsetup];`
change how usb drive automount works 2022-12-14 10:08:14 +00:00			`wantedBy = ["multi-user.target"];`
tablet 2022-11-10 11:25:33 +00:00			`script = ''`
more work on piped stuff 2023-09-19 17:53:44 +01:00			`${encUSBMount}/bin/enc_usb_mount`
tablet 2022-11-10 11:25:33 +00:00			`'';`
			`};`

change how usb drive automount works 2022-12-14 10:08:14 +00:00			`systemd.services.enc-usb-unmount = {`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`path = [pkgs.util-linux pkgs.cryptsetup];`
tablet 2022-11-10 11:25:33 +00:00			`script = ''`
start work on maybe a arm server 2023-09-19 22:30:02 +01:00			`${encUSBMount}/bin/enc_usb_unmount`
tablet 2022-11-10 11:25:33 +00:00			`'';`
			`};`

			`services.udev.extraRules = ''`
major tidy 2023-09-18 03:56:58 +01:00			`ACTION=="add", ENV{PARTNAME}=="${encryptedUSB.encryptedPartLabel}", ENV{SYSTEMD_WANTS}="enc-usb-mount.service", ENV{UDISKS_PRESENTATION_HIDE}="1"`
			`ACTION=="remove", ENV{PARTNAME}=="${encryptedUSB.encryptedPartLabel}", ENV{SYSTEMD_WANTS}="enc-usb-unmount.service"`
tablet 2022-11-10 11:25:33 +00:00			`'';`
			`}`