diff options
author | lassulus <lassulus@lassul.us> | 2021-01-24 10:23:23 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2021-01-24 10:23:23 +0100 |
commit | 5433345ad4c042313d30709b413d12dbbda3ed99 (patch) | |
tree | e761d0e365fb8fc50a50e74c926f9bda341f6f8c | |
parent | 1fb17be4d16a0dff55b7f384047c8ed2c660164a (diff) |
l: move ecryptfs-hack to wrapper
-rw-r--r-- | lass/3modules/sync-containers.nix | 2 | ||||
-rw-r--r-- | lass/5pkgs/ecrypt/default.nix | 5 |
2 files changed, 4 insertions, 3 deletions
diff --git a/lass/3modules/sync-containers.nix b/lass/3modules/sync-containers.nix index ebf440c4e..4dd0fd722 100644 --- a/lass/3modules/sync-containers.nix +++ b/lass/3modules/sync-containers.nix @@ -10,8 +10,6 @@ with import <stockholm/lib>; plain = '' ''; ecryptfs = '' - # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails - echo 4 | ${pkgs.ecryptfs}/bin/ecryptfs-manager if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then ${pkgs.ecrypt}/bin/ecrypt mount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state diff --git a/lass/5pkgs/ecrypt/default.nix b/lass/5pkgs/ecrypt/default.nix index 9bb35a8dc..f83f8cfe7 100644 --- a/lass/5pkgs/ecrypt/default.nix +++ b/lass/5pkgs/ecrypt/default.nix @@ -3,7 +3,6 @@ #usage: ecrypt mount /var/crypted /var/unencrypted pkgs.writers.writeDashBin "ecrypt" '' set -euf - set -x PATH=${lib.makeBinPath (with pkgs; [ coreutils @@ -32,6 +31,8 @@ pkgs.writers.writeDashBin "ecrypt" '' echo 'destination dir is not empty, aborting' exit 1 else + # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails + echo 4 | ecryptfs-manager stty -echo printf "passphrase: " read passphrase @@ -59,6 +60,8 @@ pkgs.writers.writeDashBin "ecrypt" '' if keyctl list @u | grep -q "$old_sig"; then echo 'pw already saved' else + # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails + echo 4 | ecryptfs-manager stty -echo printf "passphrase: " read passphrase |