From df586b4892c57ba7b14dc9400cc684d0ed0faff8 Mon Sep 17 00:00:00 2001
From: Georg Pfuetzenreuter
Date: Sun, 12 Jun 2022 22:13:29 +0200
Subject: Init S3/CryFS startup script

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
---
 scripts/sh/init-s3-cryfs.sh | 96 +++++++++++++++++++++++++++++++++++++++++++++
 systemd/init-s3.service     | 13 ++++++
 2 files changed, 109 insertions(+)
 create mode 100755 scripts/sh/init-s3-cryfs.sh
 create mode 100644 systemd/init-s3.service

diff --git a/scripts/sh/init-s3-cryfs.sh b/scripts/sh/init-s3-cryfs.sh
new file mode 100755
index 0000000..63bdc30
--- /dev/null
+++ b/scripts/sh/init-s3-cryfs.sh
@@ -0,0 +1,96 @@
+#!/bin/sh
+#Georg Pfuetzenreuter <georg@lysergic.dev>
+#Not intended for general purpose use - designed to initialize a construct of bind -> CryFS -> S3 mounts
+
+basemount="/s3"
+cryptmount="$basemount/container"
+sysmount="/mnt/s3cry"
+datamount="/data"
+ingestmount="$datamount/ingest/s3"
+clearingestmount="${ingestmount}_clear"
+
+mounts="/proc/mounts"
+
+check () {
+	grep -qs "$1" "$mounts"
+}
+
+check_ingestmount () {
+	if check "$ingestmount"
+	then
+		echo "Already mounted."
+		exit 0
+	fi
+}
+
+stop_mounts () {
+	if check "$ingestmount "
+	then
+		echo "Unmounting $ingestmount ..."
+		umount "$ingestmount"
+	fi
+	if check "$clearingestmount "
+	then
+		echo "Unmounting $clearingestmount ..."
+		umount "$clearingestmount"
+	fi
+	if check "$sysmount"
+	then
+		echo "Unmounting $sysmount ..."
+		fusermount -u "$sysmount"
+	fi
+	if check "$basemount"
+	then
+		echo "Unmounting $basemount ..."
+		umount "$basemount"
+	fi
+}
+
+start_mounts () {
+	check_ingestmount
+	if ! check "$basemount"
+	then
+		echo "Mounting $basemount ..."
+		s3fs lysergic "$basemount" -o url=https://s3.eu-central-2.wasabisys.com -o allow_other
+		if [ ! "$?" = "0" ]
+		then
+			echo "FATAL - s3fs failed"
+			exit 1
+		fi
+
+		#we don't want this, it's an unencrypted s3 mount, but helpful for testing
+		if ! check "$clearingestmount "
+		then
+			echo "Mounting $clearingestmount ..."
+			mount -o bind "$basemount/clear" "$clearingestmount"
+		fi
+
+		if ! check "$sysmount"
+		then
+			echo "Mounting $sysmount ..."
+			cryfs "$cryptmount" "$sysmount" -- -o allow_other < /etc/.cry >/dev/null 2>&1
+			if [ ! "$?" = "0" ]
+			then
+				echo "FATAL - cryfs failed"
+				exit 1
+			fi
+			if ! check "$ingestmount "
+			then
+				echo "Mounting $ingestmount ..."
+				mount -o bind "$sysmount" "$ingestmount"
+				if [ ! "$?" = "0" ]
+				then
+					echo "FATAL - bind mount failed"
+					exit 1
+				fi
+			fi
+		fi
+	fi
+}
+
+case "$1" in
+	"start" ) start_mounts ;;
+	"stop" ) stop_mounts ;;
+	"status" ) check_ingestmount ;;
+	* ) echo "$0 [start|stop|status]" ;;
+esac
diff --git a/systemd/init-s3.service b/systemd/init-s3.service
new file mode 100644
index 0000000..95df4db
--- /dev/null
+++ b/systemd/init-s3.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=LYSERGIC S3 Initiator
+After=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/init-s3.sh start
+ExecStop=/usr/local/bin/init-s3.sh stop
+RemainAfterExit=true
+
+[Install]
+WantedBy=multi-user.target
+
-- 
cgit v1.2.3