summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2021-01-24 10:23:23 +0100
committerlassulus <lassulus@lassul.us>2021-01-24 10:23:23 +0100
commit5433345ad4c042313d30709b413d12dbbda3ed99 (patch)
treee761d0e365fb8fc50a50e74c926f9bda341f6f8c /lass
parent1fb17be4d16a0dff55b7f384047c8ed2c660164a (diff)
l: move ecryptfs-hack to wrapper
Diffstat (limited to 'lass')
-rw-r--r--lass/3modules/sync-containers.nix2
-rw-r--r--lass/5pkgs/ecrypt/default.nix5
2 files changed, 4 insertions, 3 deletions
diff --git a/lass/3modules/sync-containers.nix b/lass/3modules/sync-containers.nix
index ebf440c4e..4dd0fd722 100644
--- a/lass/3modules/sync-containers.nix
+++ b/lass/3modules/sync-containers.nix
@@ -10,8 +10,6 @@ with import <stockholm/lib>;
plain = ''
'';
ecryptfs = ''
- # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
- echo 4 | ${pkgs.ecryptfs}/bin/ecryptfs-manager
if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then
if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then
${pkgs.ecrypt}/bin/ecrypt mount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state
diff --git a/lass/5pkgs/ecrypt/default.nix b/lass/5pkgs/ecrypt/default.nix
index 9bb35a8dc..f83f8cfe7 100644
--- a/lass/5pkgs/ecrypt/default.nix
+++ b/lass/5pkgs/ecrypt/default.nix
@@ -3,7 +3,6 @@
#usage: ecrypt mount /var/crypted /var/unencrypted
pkgs.writers.writeDashBin "ecrypt" ''
set -euf
- set -x
PATH=${lib.makeBinPath (with pkgs; [
coreutils
@@ -32,6 +31,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
echo 'destination dir is not empty, aborting'
exit 1
else
+ # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+ echo 4 | ecryptfs-manager
stty -echo
printf "passphrase: "
read passphrase
@@ -59,6 +60,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
if keyctl list @u | grep -q "$old_sig"; then
echo 'pw already saved'
else
+ # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+ echo 4 | ecryptfs-manager
stty -echo
printf "passphrase: "
read passphrase