diff --git a/cs b/cs new file mode 100755 index 0000000..bd9402c --- /dev/null +++ b/cs @@ -0,0 +1,82 @@ +#! /usr/bin/env bash +FILE="$(realpath "${BASH_SOURCE[0]}")" +NAME="$(basename "${FILE}")" + +ACTION_OPEN='open' +ACTION_CLOSE='close' + +CONTAINERS_DIRECTORY="/data/home/user/crypt" + +CONTAINERS_MAP_DIRECTORY='/dev/mapper' +CONTAINERS_MOUNT_DIRECTORY='/media' + +function main { +local action="${1}" +local pass_phrase +local container +local container_name +local container_file +local container_map_file +local container_mount_directory + +case "${action}" in + "${ACTION_OPEN}"|"${ACTION_CLOSE}") + shift + if [ "${1}" ]; then + if [ "${action}" == "${ACTION_OPEN}" ]; then + echo -n 'PassPhrase: ' + read -r -s pass_phrase + echo + fi + for container in "${@}"; do + echo + case "${container}" in + 'p') container_name='private' ;; + 's') container_name='sensitive' ;; + 'w') container_name='work' ;; + *) container_name="${container}" ;; + esac + container_file="${CONTAINERS_DIRECTORY}/${container_name}" + if [ -f "${container_file}" ]; then + container_map_file="${CONTAINERS_MAP_DIRECTORY}/${container_name}" + container_mount_directory="${CONTAINERS_MOUNT_DIRECTORY}/${container_name}" + case "${action}" in + "${ACTION_OPEN}") + echo "${container_file} → ${container_map_file}" + echo "${pass_phrase}" \ + | cryptsetup luksOpen "${container_file}" "${container_name}" + if [ ${?} -eq 0 ]; then + mkdir --parents "${container_mount_directory}" + echo "${container_map_file} → ${container_mount_directory}" + mount "${container_map_file}" "${container_mount_directory}" + fi + ;; + "${ACTION_CLOSE}") + echo "${container_map_file} ← ${container_mount_directory}" + if umount "${container_map_file}"; then + rmdir --ignore-fail-on-non-empty "${container_mount_directory}" + echo "${container_file} ← ${container_map_file}" + cryptsetup luksClose "${container_name}" + fi + ;; + esac + else + echo 'This path does not point to a file!' + fi + done + else + echo 'No container name provided!' + fi + ;; + *) + echo 'Usage:' + echo "${NAME} [${ACTION_OPEN}|${ACTION_CLOSE}] [p] [s] [w]" + echo + echo 'p = private' + echo 's = sensitive' + echo 'w = work' + ;; +esac +} + +main "${@}" diff --git a/cs.old b/cs.old new file mode 100755 index 0000000..bd9402c --- /dev/null +++ b/cs.old @@ -0,0 +1,82 @@ +#! /usr/bin/env bash +FILE="$(realpath "${BASH_SOURCE[0]}")" +NAME="$(basename "${FILE}")" + +ACTION_OPEN='open' +ACTION_CLOSE='close' + +CONTAINERS_DIRECTORY="/data/home/user/crypt" + +CONTAINERS_MAP_DIRECTORY='/dev/mapper' +CONTAINERS_MOUNT_DIRECTORY='/media' + +function main { +local action="${1}" +local pass_phrase +local container +local container_name +local container_file +local container_map_file +local container_mount_directory + +case "${action}" in + "${ACTION_OPEN}"|"${ACTION_CLOSE}") + shift + if [ "${1}" ]; then + if [ "${action}" == "${ACTION_OPEN}" ]; then + echo -n 'PassPhrase: ' + read -r -s pass_phrase + echo + fi + for container in "${@}"; do + echo + case "${container}" in + 'p') container_name='private' ;; + 's') container_name='sensitive' ;; + 'w') container_name='work' ;; + *) container_name="${container}" ;; + esac + container_file="${CONTAINERS_DIRECTORY}/${container_name}" + if [ -f "${container_file}" ]; then + container_map_file="${CONTAINERS_MAP_DIRECTORY}/${container_name}" + container_mount_directory="${CONTAINERS_MOUNT_DIRECTORY}/${container_name}" + case "${action}" in + "${ACTION_OPEN}") + echo "${container_file} → ${container_map_file}" + echo "${pass_phrase}" \ + | cryptsetup luksOpen "${container_file}" "${container_name}" + if [ ${?} -eq 0 ]; then + mkdir --parents "${container_mount_directory}" + echo "${container_map_file} → ${container_mount_directory}" + mount "${container_map_file}" "${container_mount_directory}" + fi + ;; + "${ACTION_CLOSE}") + echo "${container_map_file} ← ${container_mount_directory}" + if umount "${container_map_file}"; then + rmdir --ignore-fail-on-non-empty "${container_mount_directory}" + echo "${container_file} ← ${container_map_file}" + cryptsetup luksClose "${container_name}" + fi + ;; + esac + else + echo 'This path does not point to a file!' + fi + done + else + echo 'No container name provided!' + fi + ;; + *) + echo 'Usage:' + echo "${NAME} [${ACTION_OPEN}|${ACTION_CLOSE}] [p] [s] [w]" + echo + echo 'p = private' + echo 's = sensitive' + echo 'w = work' + ;; +esac +} + +main "${@}" diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..cbcd2bc --- /dev/null +++ b/readme.md @@ -0,0 +1,12 @@ +# SH + +## Tasks + +* [ ] git switch signing commits & tags +* [ ] shellcheck & shfmt +* [ ] python tools +* [ ] log +* [ ] hetzner +* [ ] apt + * [ ] apt-file search | grep +* [ ] ffmpeg diff --git a/sh/alias/overlay.sh b/sh/alias/overlay.sh index 6357655..307c470 100644 --- a/sh/alias/overlay.sh +++ b/sh/alias/overlay.sh @@ -3,7 +3,7 @@ a__overlay_bind_mount() { local directory for directory in "dev" "dev/pts" "proc" "sys"; do if ! mount --bind "/${directory}" "overlay/mount/${directory}"; then - rwx_log_error "Unable to bind mount directory: ${directory}" + sh_log_error "Unable to bind mount directory: ${directory}" return 1 fi done @@ -14,7 +14,7 @@ a__overlay_bind_unmount() { local directory for directory in "sys" "proc" "dev/pts" "dev"; do if ! umount --lazy "overlay/mount/${directory}"; then - rwx_log_error "Unable to bind unmount directory: ${directory}" + sh_log_error "Unable to bind unmount directory: ${directory}" return 1 fi done @@ -47,36 +47,36 @@ orm() { a__overlay_root_mount "${@}"; } a__overlay_root_mount() { local root="${1}" if [ -z "${root}" ]; then - rwx_log_error "No root target directory" + sh_log_error "No root target directory" return 1 fi root="$(realpath "${root}")" if ! mkdir "overlay"; then - rwx_log_error "Unable to make overlay directory" + sh_log_error "Unable to make overlay directory" return 2 fi ( if ! cd "overlay"; then - rwx_log_error "Unable to move into overlay directory" + sh_log_error "Unable to move into overlay directory" return 3 fi local directory for directory in "lower" "upper" "work" "mount"; do if ! mkdir --parents "${directory}"; then - rwx_log_error "Unable to make directory: ${directory}" + sh_log_error "Unable to make directory: ${directory}" return 4 fi done local file="${root}/filesystem.squashfs" if ! mount "${file}" "lower"; then - rwx_log_error "Unable to lower mount: ${file}" + sh_log_error "Unable to lower mount: ${file}" return 5 fi if ! mount \ -o "lowerdir=lower,upperdir=upper,workdir=work" \ -t "overlay" \ "overlay" "mount"; then - rwx_log_error "Unable to overlay mount" + sh_log_error "Unable to overlay mount" return 6 fi ) @@ -106,35 +106,35 @@ oru() { a__overlay_root_unmount "${@}"; } a__overlay_root_unmount() { ( if ! cd "overlay"; then - rwx_log_error "Unable to move into overlay directory" + sh_log_error "Unable to move into overlay directory" return 1 fi if ! umount "mount"; then - rwx_log_error "Unable to unmount mount directory" + sh_log_error "Unable to unmount mount directory" return 2 fi if ! rmdir "mount"; then - rwx_log_error "Unable to remove mount directory" + sh_log_error "Unable to remove mount directory" return 3 fi local directory for directory in "upper" "work"; do if ! rm --force --recursive "${directory}"; then - rwx_log_error "Unable to remove directory: ${directory}" + sh_log_error "Unable to remove directory: ${directory}" return 4 fi done if ! umount "lower"; then - rwx_log_error "Unable to unmount lower directory" + sh_log_error "Unable to unmount lower directory" return 5 fi if ! rmdir "lower"; then - rwx_log_error "Unable to remove lower directory" + sh_log_error "Unable to remove lower directory" return 6 fi ) if ! rmdir "overlay"; then - rwx_log_error "Unable to remove overlay directory" + sh_log_error "Unable to remove overlay directory" return 7 fi } diff --git a/sh/gnome.sh b/sh/gnome.sh index 11831fb..c30e612 100644 --- a/sh/gnome.sh +++ b/sh/gnome.sh @@ -14,11 +14,11 @@ rwx_gnome_workspaces_primary() { local var="${group}/${name}" # get bool="$(gsettings get "${group}" "${name}")" - rwx_log_debug "${var}: ${bool}" + sh_log_debug "${var}: ${bool}" # not - bool="$(rwx_not "${bool}")" - rwx_log_debug "bool: ${bool}" + bool="$(sh_not "${bool}")" + sh_log_debug "bool: ${bool}" # set gsettings set "${group}" "${name}" "${bool}" - rwx_log_info "${var}: ${bool}" + sh_log_info "${var}: ${bool}" } diff --git a/sh/lint/shellcheck.sh b/sh/lint/shellcheck.sh index 11b5b0d..df2c02d 100644 --- a/sh/lint/shellcheck.sh +++ b/sh/lint/shellcheck.sh @@ -2,13 +2,13 @@ rwx_shellcheck_check() { local root="${1}" local file module modules path file="$(mktemp)" - modules="$(rwx_find_sh "${root}")" - rwx_ifs_set + modules="$(sh_find_sh "${root}")" + _sh_ifs_new for module in ${modules}; do path="${root}/${module}" echo ". \"${path}\"" >>"${file}" done - rwx_ifs_unset + _sh_ifs_pop shellcheck \ --check-sourced \ --enable "all" \ diff --git a/sh/main.sh b/sh/main.sh index b2dd223..694b38b 100644 --- a/sh/main.sh +++ b/sh/main.sh @@ -2,19 +2,19 @@ # │ constants │ # ╰───────────╯ -RWX_MAIN_FILE_NAME="main.sh" -RWX_NAME="sh" +SH_MAIN_NAME="main.sh" +SH_NAME="sh" -RWX_ROOT_SYSTEM="/etc/${RWX_NAME}" +SH_ROOT="/etc/${SH_NAME}" -RWX_MAIN="${RWX_ROOT_SYSTEM}/${RWX_MAIN_FILE_NAME}" +SH_MAIN="${SH_ROOT}/${SH_MAIN_NAME}" # ╭───────────╮ # │ variables │ # ╰───────────╯ -RWX_SHELL="$(cat "/proc/${$}/comm")" -RWX_ROOT_USER="${HOME}/${RWX_NAME}" +SH_SHELL="$(cat "/proc/${$}/comm")" +SH_USER="${HOME}/${SH_NAME}" # ╭──────────╮ # │ internal │ @@ -102,7 +102,7 @@ rwx_main_source() { [ -d "${path}" ] || return 1 local cmd count module modules - modules="$(rwx_find_sh "${path}" "${RWX_MAIN_FILE_NAME}")" + modules="$(rwx_find_sh "${path}" "${SH_MAIN_NAME}")" rwx_ifs_set count=0 _rwx_main_log "" \ @@ -130,20 +130,20 @@ rwx_main_source() { # run initial steps rwx_main() { # system root - if ! rwx_main_source "${RWX_ROOT_SYSTEM}"; then - _rwx_main_log "Not a directory: ${RWX_ROOT_SYSTEM}" + if ! rwx_main_source "${SH_ROOT}"; then + _rwx_main_log "Not a directory: ${SH_ROOT}" return 1 fi # user root - rwx_main_source "${RWX_ROOT_USER}" + rwx_main_source "${SH_USER}" # run interactive extras if rwx_shell_interactive; then # check format rwx_log - rwx_shfmt_check "${RWX_ROOT_SYSTEM}" + rwx_shfmt_check "${SH_ROOT}" # check syntax rwx_log - rwx_shellcheck_check "${RWX_ROOT_SYSTEM}" + rwx_shellcheck_check "${SH_ROOT}" # help rwx_log rwx_help diff --git a/sh/rescue/common.sh b/sh/rescue/common.sh index 4e2684a..f2c9d10 100644 --- a/sh/rescue/common.sh +++ b/sh/rescue/common.sh @@ -1,9 +1,9 @@ rwx_rescue_configure() { local hostname="${1}" # apt / conf - rwx_apt_conf_write + sh_apt_conf_write # apt / sources - rwx_apt_sources_write + sh_apt_sources_write # bash / rc main_link_bashrc mv "${HOME}/.bashrc" "${HOME}/.bashrc.old" @@ -17,26 +17,26 @@ fr_FR.UTF-8 UTF-8 # generate locales locale-gen # update catalog - rwx_apt_update + sh_apt_update # disable frontend - rwx_debian_frontend_disable + sh_debian_frontend_disable # install backports - rwx_apt_install_backports "tmux" + sh_apt_install_backports "tmux" # install packages - rwx_apt_install_release "apt-file" "mosh" "screen" "byobu" + sh_apt_install_release "apt-file" "mosh" "screen" "byobu" # update catalog - rwx_apt_update + sh_apt_update } rwx_rescue_install() { # update catalog - rwx_apt_update + sh_apt_update # disable frontend - rwx_debian_frontend_disable + sh_debian_frontend_disable # upgrade packages - rwx_apt_upgrade + sh_apt_upgrade # install packages - rwx_apt_install_release \ + sh_apt_install_release \ "man-db" \ "dmidecode" "efibootmgr" "lshw" "pciutils" "usbutils" \ "parted" "mdadm" "cryptsetup-bin" "lvm2" \ @@ -45,7 +45,7 @@ rwx_rescue_install() { "exa" "lf" "ncdu" "nnn" "ranger" "tree" \ "file" "htop" "iotop" "ipcalc" "libdigest-sha3-perl" "lsof" # install backports - rwx_apt_install_backports \ + sh_apt_install_backports \ "grub-pc-bin" \ \ "grub-efi-amd64-bin" @@ -84,7 +84,7 @@ rwx_rescue_upload() { } rwx_rescue_wipe_1_zero() { - rwx_fs_wipe "/dev/mapper/crypt" "512M" + sh_fs_wipe "/dev/mapper/crypt" "512M" } rwx_rescue_wipe_3_close() { diff --git a/sh/rescue/hetzner.sh b/sh/rescue/hetzner.sh index 9d22847..8fe73e3 100644 --- a/sh/rescue/hetzner.sh +++ b/sh/rescue/hetzner.sh @@ -7,9 +7,9 @@ rwx_rescue_wipe_0_init_hetzner_8_8() { local number local passphrase # read passphrase - passphrase="$(rwx_read_passphrase)" + passphrase="$(sh_read_passphrase)" # warn - rwx_warn_wipe "${@}" + sh_warn_wipe "${@}" # number=0 for device in "${@}"; do @@ -34,7 +34,7 @@ rwx_rescue_wipe_0_init_hetzner_8_8() { echo echo "#${number}: ${device}4" # wipe bios - rwx_fs_wipe "${device}4" + sh_fs_wipe "${device}4" done # number=0 @@ -43,8 +43,8 @@ rwx_rescue_wipe_0_init_hetzner_8_8() { echo echo "#${number}: ${device}3" # format esp - rwx_fs_wipe "${device}3" "1M" - rwx_fs_make_fat "${device}3" "esp-${number}" "0000000${number}" + sh_fs_wipe "${device}3" "1M" + sh_fs_make_fat "${device}3" "esp-${number}" "0000000${number}" # mount esp mkdir --parents "/media/esp/${number}" mount "${device}3" "/media/esp/${number}" @@ -56,17 +56,17 @@ rwx_rescue_wipe_0_init_hetzner_8_8() { echo echo "#${number}: ${device}2" # wipe boot - rwx_fs_wipe "${device}2" "1G" 1 + sh_fs_wipe "${device}2" "1G" 1 done # members="" for device in "${@}"; do members="${members} ${device}2" done - rwx_fs_raid_create \ + sh_fs_raid_create \ "boot" "00000000:00000000:00000000:00000002" ${members} # - rwx_fs_make_btrfs "/dev/md/boot" "boot" \ + sh_fs_make_btrfs "/dev/md/boot" "boot" \ "00000000-0000-0000-0000-00000000000b" # mount boot mkdir --parents "/media/boot" @@ -80,17 +80,17 @@ rwx_rescue_wipe_0_init_hetzner_8_8() { echo echo "#${number}: ${device}1" # wipe crypt head - rwx_fs_wipe "${device}1" "1G" 1 + sh_fs_wipe "${device}1" "1G" 1 done # members="" for device in "${@}"; do members="${members} ${device}1" done - rwx_fs_raid_create \ + sh_fs_raid_create \ "crypt" "00000000:00000000:00000000:00000001" ${members} # encrypt - rwx_fs_luks_format "${passphrase}" "/dev/md/crypt" + sh_fs_luks_format "${passphrase}" "/dev/md/crypt" # open echo "${passphrase}" | cryptsetup luksOpen "/dev/md/crypt" "crypt" @@ -103,16 +103,16 @@ rwx_rescue_wipe_2_make_hetzner_8_8() { # close cryptsetup luksClose "crypt" # read passphrase - passphrase="$(rwx_read_passphrase)" + passphrase="$(sh_read_passphrase)" # encrypt - rwx_fs_luks_format "${passphrase}" "/dev/md/crypt" + sh_fs_luks_format "${passphrase}" "/dev/md/crypt" # open echo "${passphrase}" | cryptsetup luksOpen "/dev/md/crypt" "crypt" # passphrase unset passphrase # format crypt - rwx_fs_make_btrfs "/dev/mapper/crypt" "crypt" \ + sh_fs_make_btrfs "/dev/mapper/crypt" "crypt" \ "00000000-0000-0000-0000-00000000000c" # mount crypt mkdir --parents "/media/crypt" @@ -120,6 +120,6 @@ rwx_rescue_wipe_2_make_hetzner_8_8() { --options "autodefrag,compress-force=zstd" \ "/dev/mapper/crypt" "/media/crypt" # make swap file - rwx_fs_make_btrfs_swap "/media/crypt/swap" "64g" \ + sh_fs_make_btrfs_swap "/media/crypt/swap" "64g" \ "00000000-0000-0000-0000-000000000005" } diff --git a/sh/rescue/ovh.sh b/sh/rescue/ovh.sh index b4120e2..c7d89c2 100644 --- a/sh/rescue/ovh.sh +++ b/sh/rescue/ovh.sh @@ -2,9 +2,9 @@ rwx_rescue_wipe_0_init_ovh_vle2() { local device="/dev/sdb" local passphrase # read passphrase - passphrase="$(rwx_read_passphrase)" + passphrase="$(sh_read_passphrase)" # warn - rwx_warn_wipe "${device}" + sh_warn_wipe "${device}" # parted --script "${device}" \ mktable gpt \ @@ -16,27 +16,27 @@ rwx_rescue_wipe_0_init_ovh_vle2() { mkpart bios 1 2 \ set 4 bios_grub on # bios / wipe - rwx_fs_wipe "${device}4" + sh_fs_wipe "${device}4" # esp / wipe - rwx_fs_wipe "${device}3" "1M" + sh_fs_wipe "${device}3" "1M" # esp / format - rwx_fs_make_fat "${device}3" "esp" "00000001" + sh_fs_make_fat "${device}3" "esp" "00000001" # esp / mount mkdir --parents "/media/esp" mount "${device}3" "/media/esp" # boot / wipe - rwx_fs_wipe "${device}2" "1G" 1 + sh_fs_wipe "${device}2" "1G" 1 # boot / format - rwx_fs_make_btrfs "${device}2" "boot" \ + sh_fs_make_btrfs "${device}2" "boot" \ "00000000-0000-0000-0000-00000000000b" # boot / mount mkdir --parents "/media/boot" mount --options "autodefrag,compress-force=zstd" \ "${device}2" "/media/boot" # crypt / wipe - rwx_fs_wipe "${device}1" "1G" 1 + sh_fs_wipe "${device}1" "1G" 1 # crypt / encrypt - rwx_fs_luks_format "${passphrase}" "${device}1" + sh_fs_luks_format "${passphrase}" "${device}1" # crypt / open echo "${passphrase}" | cryptsetup luksOpen "${device}1" "crypt" @@ -50,22 +50,22 @@ rwx_rescue_wipe_2_make_ovh_vle2() { # crypt / close cryptsetup luksClose "crypt" # read passphrase - passphrase="$(rwx_read_passphrase)" + passphrase="$(sh_read_passphrase)" # crypt / encrypt - rwx_fs_luks_format "${passphrase}" "${device}1" + sh_fs_luks_format "${passphrase}" "${device}1" # crypt / open echo "${passphrase}" | cryptsetup luksOpen "${device}1" "crypt" # passphrase unset passphrase # crypt / format - rwx_fs_make_btrfs "/dev/mapper/crypt" "crypt" \ + sh_fs_make_btrfs "/dev/mapper/crypt" "crypt" \ "00000000-0000-0000-0000-00000000000c" # crypt / mount mkdir --parents "/media/crypt" mount --options "autodefrag,compress-force=zstd" \ "/dev/mapper/crypt" "/media/crypt" # crypt / swap - rwx_fs_make_btrfs_swap "/media/crypt/swap" "4g" \ + sh_fs_make_btrfs_swap "/media/crypt/swap" "4g" \ "00000000-0000-0000-0000-000000000005" }