From 5433345ad4c042313d30709b413d12dbbda3ed99 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 24 Jan 2021 10:23:23 +0100
Subject: [PATCH] l: move ecryptfs-hack to wrapper
---
lass/3modules/sync-containers.nix | 2 --
lass/5pkgs/ecrypt/default.nix | 5 ++++-
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/lass/3modules/sync-containers.nix b/lass/3modules/sync-containers.nix
index ebf440c4e..4dd0fd722 100644
--- a/lass/3modules/sync-containers.nix
+++ b/lass/3modules/sync-containers.nix
@@ -10,8 +10,6 @@ with import <stockholm/lib>;
plain = ''
'';
ecryptfs = ''
- # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
- echo 4 | ${pkgs.ecryptfs}/bin/ecryptfs-manager
if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then
if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then
${pkgs.ecrypt}/bin/ecrypt mount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state
diff --git a/lass/5pkgs/ecrypt/default.nix b/lass/5pkgs/ecrypt/default.nix
index 9bb35a8dc..f83f8cfe7 100644
--- a/lass/5pkgs/ecrypt/default.nix
+++ b/lass/5pkgs/ecrypt/default.nix
@@ -3,7 +3,6 @@
#usage: ecrypt mount /var/crypted /var/unencrypted
pkgs.writers.writeDashBin "ecrypt" ''
set -euf
- set -x
PATH=${lib.makeBinPath (with pkgs; [
coreutils
@@ -32,6 +31,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
echo 'destination dir is not empty, aborting'
exit 1
else
+ # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+ echo 4 | ecryptfs-manager
stty -echo
printf "passphrase: "
read passphrase
@@ -59,6 +60,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
if keyctl list @u | grep -q "$old_sig"; then
echo 'pw already saved'
else
+ # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+ echo 4 | ecryptfs-manager
stty -echo
printf "passphrase: "
read passphrase