l: move ecryptfs-hack to wrapper

2021-01-24 10:23:23 +01:00 · 2021-01-24 10:23:23 +01:00 · 5433345ad4
commit 5433345ad4
parent 1fb17be4d1
2 changed files with 4 additions and 3 deletions
--- a/lass/3modules/sync-containers.nix
+++ b/lass/3modules/sync-containers.nix
@ -10,8 +10,6 @@ with import <stockholm/lib>;
    plain = ''
    '';
    ecryptfs = ''
-      # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
-      echo 4 | ${pkgs.ecryptfs}/bin/ecryptfs-manager
      if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then
        if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then
          ${pkgs.ecrypt}/bin/ecrypt mount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state
--- a/lass/5pkgs/ecrypt/default.nix
+++ b/lass/5pkgs/ecrypt/default.nix
@ -3,7 +3,6 @@
 #usage: ecrypt mount /var/crypted /var/unencrypted
 pkgs.writers.writeDashBin "ecrypt" ''
  set -euf
-  set -x

  PATH=${lib.makeBinPath (with pkgs; [
    coreutils
@ -32,6 +31,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
        echo 'destination dir is not empty, aborting'
        exit 1
      else
+        # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+        echo 4 | ecryptfs-manager
        stty -echo
        printf "passphrase: "
        read  passphrase
@ -59,6 +60,8 @@ pkgs.writers.writeDashBin "ecrypt" ''
      if keyctl list @u | grep -q "$old_sig"; then
        echo 'pw already saved'
      else
+        # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
+        echo 4 | ecryptfs-manager
        stty -echo
        printf "passphrase: "
        read  passphrase