add mk-enc-usb
This commit is contained in:
ChaotiCryptidz
parent
5e112b21bb
commit
3577d42f13
32
extras/mk-enc-usb.nix
Normal file
32
extras/mk-enc-usb.nix
Normal file
|
|
@ -0,0 +1,32 @@
|
||||||
|
{ stdenv, bash, parted, cryptsetup, e2fsprogs }:
|
||||||
|
let usb_data = import ../hosts/lappy/hardware/usb_data.nix { };
|
||||||
|
in stdenv.mkDerivation {
|
||||||
|
name = "mk-enc-usb";
|
||||||
|
src = ./mk-enc-usb.sh;
|
||||||
|
unpackPhase = ''
|
||||||
|
for srcFile in $src; do
|
||||||
|
cp $srcFile $(stripHash $srcFile)
|
||||||
|
done
|
||||||
|
'';
|
||||||
|
|
||||||
|
inherit bash;
|
||||||
|
inherit parted;
|
||||||
|
inherit cryptsetup;
|
||||||
|
inherit e2fsprogs;
|
||||||
|
|
||||||
|
patchPhase = ''
|
||||||
|
substituteAllInPlace mk-enc-usb.sh
|
||||||
|
substituteInPlace mk-enc-usb.sh \
|
||||||
|
--replace "@TEST@" "nyaaaaa" \
|
||||||
|
--replace "@USB_FILESYSTEM@" "${usb_data.unencrypted_fs_type}" \
|
||||||
|
--replace "@USB_ENCRYPTED_PARTLABEL@" "${usb_data.encrypted_partlabel}" \
|
||||||
|
--replace "@USB_UNENCRYPTED_LABEL@" "${usb_data.unencrypted_label}"
|
||||||
|
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp mk-enc-usb.sh $out/bin/mk-enc-usb
|
||||||
|
chmod +x $out/bin/mk-enc-usb
|
||||||
|
'';
|
||||||
|
}
|
||||||
56
extras/mk-enc-usb.sh
Normal file
56
extras/mk-enc-usb.sh
Normal file
|
|
@ -0,0 +1,56 @@
|
||||||
|
#! @bash@/bin/sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# e.g /dev/sdb
|
||||||
|
USB_DEVICE=$1
|
||||||
|
|
||||||
|
if echo "$USB_DEVICE" | grep -q "[0-9]$"; then
|
||||||
|
PARTITION_SEPARATOR="p"
|
||||||
|
else
|
||||||
|
PARTITION_SEPARATOR=""
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$USB_DEVICE" ]; then
|
||||||
|
echo "Please specify a path to device as first argument"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$EUID" -ne 0 ]; then
|
||||||
|
echo "Please run as root"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
# e.g. ext4, btrfs, etc
|
||||||
|
USB_FILESYSTEM=@USB_FILESYSTEM@
|
||||||
|
# encrypted partition label
|
||||||
|
USB_ENCRYPTED_PARTLABEL=@USB_ENCRYPTED_PARTLABEL@
|
||||||
|
# unencrypted filesystem label
|
||||||
|
USB_UNENCRYPTED_LABEL=@USB_UNENCRYPTED_LABEL@
|
||||||
|
|
||||||
|
echo "Creating Encrypted USB."
|
||||||
|
|
||||||
|
echo "Creating Partitions..."
|
||||||
|
@parted@/bin/parted ${USB_DEVICE} -- mklabel gpt
|
||||||
|
@parted@/bin/parted ${USB_DEVICE} -- mkpart primary 0% 100%
|
||||||
|
|
||||||
|
echo "Creating Encrypted Partition"
|
||||||
|
@cryptsetup@/bin/cryptsetup luksFormat "${USB_DEVICE}${PARTITION_SEPARATOR}1"
|
||||||
|
|
||||||
|
echo "Opening Encrypted Partition"
|
||||||
|
@cryptsetup@/bin/cryptsetup open "${USB_DEVICE}${PARTITION_SEPARATOR}1" "mk_enc_usb"
|
||||||
|
|
||||||
|
echo "Making Encrypted Filesystem"
|
||||||
|
if [ "${USB_FILESYSTEM}" == "ext4" ]; then
|
||||||
|
@e2fsprogs@/bin/mkfs.ext4 -L "${USB_UNENCRYPTED_LABEL}" /dev/mapper/mk_enc_usb
|
||||||
|
else
|
||||||
|
echo "Invalid Filesystem, please make script support it."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Closing Encrypted Partition"
|
||||||
|
@cryptsetup@/bin/cryptsetup close "mk_enc_usb"
|
||||||
|
|
||||||
|
# Do this now so that i can run the damn script with usb-automount and stop it trying to mount
|
||||||
|
echo "Naming Partitions"
|
||||||
|
@parted@/bin/parted ${USB_DEVICE} -- name 1 "${USB_ENCRYPTED_PARTLABEL}"
|
||||||
|
|
@ -50,6 +50,7 @@ in {
|
||||||
bat
|
bat
|
||||||
exa
|
exa
|
||||||
deploy-rs.packages."x86_64-linux".deploy-rs
|
deploy-rs.packages."x86_64-linux".deploy-rs
|
||||||
|
(pkgs-x86_64-linux.callPackage ./extras/mk-enc-usb.nix {})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue