External-Mirrors/nextcloudpi
2
0
Fork 0
mirror of https://github.com/nextcloud/nextcloudpi.git synced 2026-01-10 15:12:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

nc-encrypt.sh: Run gocryptfs as transient systemd service

Browse Source 
Signed-off-by: Tobias Knöppler <6317548+theCalcaholic@users.noreply.github.com>
This commit is contained in:
Tobias Knöppler 2024-08-19 12:23:46 +02:00
parent 92587ac813
commit 6598d864fa
No known key found for this signature in database
GPG Key ID: 3510056072886A8F
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
bin/ncp-update-nc
View File

@ -52,6 +52,7 @@ then
exit $? exit $?
fi fi
systemctl reset-failed ncp-encrypt ||:
systemd-run -u 'ncp-update-nc' bash -c "DBG='${DBG:-}' /usr/local/bin/ncp-update-nc.d/update-nc.sh '${VER}' |& tee /var/log/ncp-update-nc.log" systemd-run -u 'ncp-update-nc' bash -c "DBG='${DBG:-}' /usr/local/bin/ncp-update-nc.d/update-nc.sh '${VER}' |& tee /var/log/ncp-update-nc.log"
sleep 5 sleep 5

7
bin/ncp/SECURITY/nc-encrypt.sh
View File

@ -55,9 +55,11 @@ configure()
return return
fi fi
export PASSWORD
# Just mount already encrypted data # Just mount already encrypted data
if [[ -f "${encdir?}"/gocryptfs.conf ]]; then if [[ -f "${encdir?}"/gocryptfs.conf ]]; then
echo "${PASSWORD?}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d systemctl reset-failed ncp-encrypt ||:
systemd-run -u ncp-encrypt -E PASSWORD bash -c "gocryptfs -allow_other -q '${encdir}' '${datadir}' <<<\"\${PASSWORD}\" 2>&1 | sed /^Switch/d |& tee /var/log/ncp-encrypt.log"
# switch to the regular virtual hosts after we decrypt, so we can access NC and ncp-web # switch to the regular virtual hosts after we decrypt, so we can access NC and ncp-web
a2ensite ncp 001-nextcloud a2ensite ncp 001-nextcloud
@ -75,7 +77,8 @@ configure()
mv "${datadir?}" "${tmpdir?}" mv "${datadir?}" "${tmpdir?}"
mkdir "${datadir}" mkdir "${datadir}"
echo "${PASSWORD}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d systemctl reset-failed ncp-encrypt ||:
systemd-run -u ncp-encrypt -E PASSWORD bash -c "gocryptfs -allow_other -q '${encdir}' '${datadir}' <<<\"\${PASSWORD}\" 2>&1 | sed /^Switch/d |& tee /var/log/ncp-encrypt.log"
echo "Encrypting data..." echo "Encrypting data..."
mv "${tmpdir}"/* "${tmpdir}"/.[!.]* "${datadir}" mv "${tmpdir}"/* "${tmpdir}"/.[!.]* "${datadir}"