|
@@ -0,0 +1,269 @@
|
|
|
+#!/bin/bash
|
|
|
+#/##################################################################\
|
|
|
+#| Basic scrypt to automount Encrypted Dropbox with CryFS. |
|
|
|
+#| Guzmán Castanedo (guzman@castanedo.es) |
|
|
|
+#| November 2016 |
|
|
|
+#| Licence: GPL 3.0 -> https://www.gnu.org/licenses/gpl-3.0.en.html |
|
|
|
+#| NOTE: It's necesary to configure Dropbox to basedir folder |
|
|
|
+#| before run this script, because it need to be empty or |
|
|
|
+#| Dropbox client will move to a new folder. |
|
|
|
+#| NEXT: I want to implement auto config the Dropbox client, but |
|
|
|
+#| it use a encrypted SQLite database. So it's harder. |
|
|
|
+#\##################################################################/
|
|
|
+
|
|
|
+#Functions
|
|
|
+function usage {
|
|
|
+ printf "USAGE:\t"$(basename "$0")" [OPTIONS]\n"
|
|
|
+ printf "OPTIONS:\n"
|
|
|
+ printf "\t-b, --basedir basedir\n"
|
|
|
+ printf "\t\tSet the encrypted folder that Dropbox client are going to\n"
|
|
|
+ printf "\t\tupload.\n"
|
|
|
+ printf "\t\tDefault: /home/$USER/.DropboxEncrypted/Dropbox/ENCRYPTED\n"
|
|
|
+ printf "\t-m, --mountdir mountdir\n"
|
|
|
+ printf "\t\tSet the decrypted folder.\n"
|
|
|
+ printf "\t\tDefault: /home/$USER/Dropbox\n"
|
|
|
+ printf "\t-v, --verbose\n"
|
|
|
+ printf "\t\tSet verbose mode.\n"
|
|
|
+ printf "\t\tDefault: false\n"
|
|
|
+ printf "\t-p, --password password\n"
|
|
|
+ printf "\t\tSet password for CryFS encrypted volume.\n"
|
|
|
+ printf "\t\tIf not set it'll ask iteractively.\n"
|
|
|
+ printf "\t-c, --config cryfsconfig\n"
|
|
|
+ printf "\t\tSet the configuration file for CryFS.\n"
|
|
|
+ printf "\t\tDefault: basedir/cryfs.config\n"
|
|
|
+ printf "\t--not-start-at-login\n"
|
|
|
+ printf "\t\tNot start cryfs at login time.\n"
|
|
|
+ printf "\t\tDefault: true\n"
|
|
|
+ printf "\t\tCAUTION: plain password will be saved in:\n"
|
|
|
+ printf "\t\t~/.config/autostart/cryfs-dropbox.desktop\n"
|
|
|
+ printf "\t--new-volume\n"
|
|
|
+ printf "\t\tCreate a new volume.\n"
|
|
|
+ printf "\t\tDefault: false\n"
|
|
|
+ printf "\t--blocksize\n"
|
|
|
+ printf "\t\tChange the ciphertext block size in bytes\n"
|
|
|
+ printf "\t\tDefault: 524288 (512 KB)\n"
|
|
|
+ printf "\t\tCryFS use by default 32KB, but a 17 GB volume can generate\n"
|
|
|
+ printf "\t\tup to 400,000 files with this...\n"
|
|
|
+ printf "\t\tThe Dropbox client get crazzy!\n"
|
|
|
+}
|
|
|
+
|
|
|
+function createautostart {
|
|
|
+ #createautostart $basedir $mountdir $cryfsconfig $pass
|
|
|
+ if [ ! $# -eq 4 ];then
|
|
|
+ echo "ERROR: Internal error generating autostart file."
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ startfile=/home/$USER/.config/autostart/cryfs-dropbox.desktop
|
|
|
+ if [ ! -d /home/$USER/.config/autostart ]; then
|
|
|
+ #Create directory (parents if needed)
|
|
|
+ mkdir -p /home/$USER/.config/autostart
|
|
|
+ fi
|
|
|
+ #Not necessary to check existance because we're going to overwrite
|
|
|
+ echo "[Desktop Entry]" | tee $startfile > /dev/null
|
|
|
+ echo "Type=Application" | tee -a $startfile > /dev/null
|
|
|
+ echo "Exec=cryfs-dropbox -b $1 -m $2 -c $3 -p $4" | tee -a $startfile > /dev/null
|
|
|
+ echo "X-GNOME-Autostart-enabled=true" | tee -a $startfile > /dev/null
|
|
|
+ echo "NoDisplay=false" | tee -a $startfile > /dev/null
|
|
|
+ echo "Hidden=false" | tee -a $startfile > /dev/null
|
|
|
+ echo "Name=CryFS-Dropbox" | tee -a $startfile > /dev/null
|
|
|
+ echo "Comment=Automount CryFS for Dropbox" | tee -a $startfile > /dev/null
|
|
|
+ echo "X-GNOME-Autostart-Delay=0" | tee -a $startfile > /dev/null
|
|
|
+}
|
|
|
+
|
|
|
+function printpaths {
|
|
|
+ #printpaths $basedir $mountdir $cryfsconfig
|
|
|
+ printf "Base Dir:\t%s\n" $1
|
|
|
+ printf "Mount Dir:\t%s\n" $2
|
|
|
+ printf "CryFS Dir:\t%s\n" $3
|
|
|
+ echo
|
|
|
+}
|
|
|
+
|
|
|
+#Bash main
|
|
|
+export CRYFS_FRONTEND=noninteractive
|
|
|
+basedir=/home/$USER/.DropboxEncrypted/Dropbox/ENCRYPTED
|
|
|
+mountdir=/home/$USER/Dropbox
|
|
|
+blocksize=524288
|
|
|
+verbose=false
|
|
|
+startlogin=true
|
|
|
+configset=false
|
|
|
+newvolume=false
|
|
|
+
|
|
|
+#Parse args
|
|
|
+#With getopts
|
|
|
+TEMP="$(getopt -q -o b:m:p:vhc: --long basedir:,mountdir:,password:,verbose,help,config:,not-start-at-login,new-volume,blocksize: -n "$(basename "$0")" -- "$@")"
|
|
|
+eval set -- "$TEMP"
|
|
|
+unset TEMP
|
|
|
+while true; do
|
|
|
+ case "$1" in
|
|
|
+ -b|--basedir)
|
|
|
+ #basedir
|
|
|
+ basedir=$2
|
|
|
+ shift 2
|
|
|
+ ;;
|
|
|
+ -m|--mountdir)
|
|
|
+ #mountdir
|
|
|
+ mountdir=$2
|
|
|
+ shift 2
|
|
|
+ ;;
|
|
|
+ -p|--password)
|
|
|
+ #password
|
|
|
+ pass=$2
|
|
|
+ shift 2
|
|
|
+ ;;
|
|
|
+ -v|--verbose)
|
|
|
+ #verbose
|
|
|
+ verbose=true
|
|
|
+ shift
|
|
|
+ ;;
|
|
|
+ -h|--help)
|
|
|
+ #Help
|
|
|
+ usage
|
|
|
+ exit
|
|
|
+ ;;
|
|
|
+ -c|--config)
|
|
|
+ #CryFS Config File
|
|
|
+ cryfsconfig=$2
|
|
|
+ configset=true
|
|
|
+ shift 2
|
|
|
+ ;;
|
|
|
+ --not-start-at-login)
|
|
|
+ startlogin=false
|
|
|
+ shift
|
|
|
+ ;;
|
|
|
+ --new-volume)
|
|
|
+ newvolume=true
|
|
|
+ shift
|
|
|
+ ;;
|
|
|
+ --blocksize)
|
|
|
+ blocksize=$2
|
|
|
+ shift 2
|
|
|
+ ;;
|
|
|
+ --)
|
|
|
+ #Last one
|
|
|
+ shift
|
|
|
+ break
|
|
|
+ ;;
|
|
|
+ *)
|
|
|
+ #Unspected
|
|
|
+ usage
|
|
|
+ echo "ERROR: Invalid option $1"
|
|
|
+ exit 1
|
|
|
+ ;;
|
|
|
+ esac
|
|
|
+done
|
|
|
+
|
|
|
+#Check if cryfs is installed
|
|
|
+if [ ! -x /usr/local/bin/cryfs ]; then
|
|
|
+ echo "ERROR: CryFS is not installed."
|
|
|
+ echo "https://www.cryfs.org/#download"
|
|
|
+ exit 1
|
|
|
+fi
|
|
|
+
|
|
|
+#Check if cryfs-dropbox is installed
|
|
|
+if [ ! -x /usr/local/bin/$(basename "$0") ]; then
|
|
|
+ echo "WARNING: "$(basename "$0")" is not installed."
|
|
|
+ echo "We'll use root access only for installation."
|
|
|
+ test=$(sudo whoami)
|
|
|
+ if [ $test = "root" ]; then
|
|
|
+ sudo cp ./$(basename "$0") /usr/local/bin/
|
|
|
+ sudo chmod +x /usr/local/bin/$(basename "$0")
|
|
|
+ else
|
|
|
+ echo "ERROR: No root access!"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ echo "Installation Success!"
|
|
|
+ echo
|
|
|
+fi
|
|
|
+
|
|
|
+#Check if directories exist
|
|
|
+if [ ! -d $basedir ]; then
|
|
|
+ printpaths $basedir $mountdir $cryfsconfig
|
|
|
+ echo "ERROR: $basedir is not a directory."
|
|
|
+ exit 1
|
|
|
+fi
|
|
|
+
|
|
|
+if [ ! -d $mountdir ]; then
|
|
|
+ printpaths $basedir $mountdir $cryfsconfig
|
|
|
+ echo "ERROR: $mountdir is not a directory."
|
|
|
+ exit 1
|
|
|
+fi
|
|
|
+
|
|
|
+#Check encrypt cryfs volume exists (config file)
|
|
|
+if [ $configset = false ]; then
|
|
|
+ #We use to set it in basedir (CryFS Default)
|
|
|
+ cryfsconfig=$basedir/cryfs.config
|
|
|
+fi
|
|
|
+if [ ! -f $cryfsconfig ]; then
|
|
|
+ #Config file doesn't exist
|
|
|
+ if [ $newvolume = false ]; then
|
|
|
+ printpaths $basedir $mountdir $cryfsconfig
|
|
|
+ echo "ERROR: $cryfsconfig doesn't exist."
|
|
|
+ echo "If this is a new volume enter the tag: --new-volume"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+else
|
|
|
+ if [ $newvolume = true ]; then
|
|
|
+ printpaths $basedir $mountdir $cryfsconfig
|
|
|
+ echo "ERROR: Volume exists."
|
|
|
+ echo "If you want to load it, remove the tag: --new-volume"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+fi
|
|
|
+
|
|
|
+#Convert to absolute path
|
|
|
+basedir=$(realpath $basedir)
|
|
|
+mountdir=$(realpath $mountdir)
|
|
|
+cryfsconfig=$(realpath $cryfsconfig)
|
|
|
+
|
|
|
+#Verbose
|
|
|
+if [ $verbose = true ];then
|
|
|
+ printpaths $basedir $mountdir $cryfsconfig
|
|
|
+fi
|
|
|
+
|
|
|
+#Check if password is set
|
|
|
+if [ -z $pass ]; then
|
|
|
+ if [ $newvolume = true ]; then
|
|
|
+ #Twice
|
|
|
+ cont=false
|
|
|
+ while [ $cont = false ]; do
|
|
|
+ printf "Password:\t"
|
|
|
+ read -s pass1
|
|
|
+ printf "\nRepeat Password:\t"
|
|
|
+ read -s pass2
|
|
|
+ echo
|
|
|
+ if [ $pass1 = $pass2 ]; then
|
|
|
+ pass=$pass1
|
|
|
+ cont=true
|
|
|
+ else
|
|
|
+ printf "Wrong password. Try again:\n"
|
|
|
+ fi
|
|
|
+ done
|
|
|
+ unset cont pass1 pass2
|
|
|
+ else
|
|
|
+ #Single
|
|
|
+ printf "Password:\t"
|
|
|
+ read -s pass
|
|
|
+ echo
|
|
|
+ fi
|
|
|
+fi
|
|
|
+
|
|
|
+#Before start let's check if autostart on login
|
|
|
+if [ $startlogin = true ]; then
|
|
|
+ #Let's create it
|
|
|
+ if [ $verbose = true ];then
|
|
|
+ printf "Creating start at login.........\t"
|
|
|
+ fi
|
|
|
+ createautostart $basedir $mountdir $cryfsconfig $pass
|
|
|
+ if [ $verbose = true ];then
|
|
|
+ printf "Done!\n"
|
|
|
+ fi
|
|
|
+fi
|
|
|
+
|
|
|
+#Mount with CryFS
|
|
|
+if [ $verbose = true ]; then
|
|
|
+ printf "Starting CryFS..................\t"
|
|
|
+fi
|
|
|
+echo $pass | cryfs --blocksize $blocksize -c $cryfsconfig $basedir $mountdir 2>&1 > /dev/null
|
|
|
+if [ $verbose = true ]; then
|
|
|
+ printf "Done!\n"
|
|
|
+fi
|