2026-03-12 20:51:59

bash/cifs_veracrypt_resilio_start

@@ -0,0 +1,63 @@
+#!/usr/bin/bash
+
+URL_ALIVE="https://public.databasepro.fr/.secrets/alive.txt"
+URL_ENC_PASS="https://public.databasepro.fr/.secrets/linux.txt"
+SECRET="For#LinuxM1ntVer@crypt"
+
+
+
+RUNTIME="1 minute"
+ENDTIME=$(date -ud "$RUNTIME" +%s)
+
+while [[ $(date -u +%s) -le $ENDTIME ]]
+do
+    echo -n "`date +%H:%M:%S`: waiting for remote encrypyted password file.. "
+    ALIVE=$(curl -s ${URL_ALIVE})
+    if [ "$ALIVE" == "yes" ]; then
+    	echo "OK"
+    	break
+    fi
+    echo "retrying in 10 seconds.."
+    sleep 10
+done
+
+if [ "$ALIVE" != "yes" ]; then
+ 	echo "Remote encrypyted password file is not available, giving up"
+   	exit -1
+fi
+
+
+
+# Get encrypted passwords JSON from URL
+JSON_ENC_PASS=$(curl -s ${URL_ENC_PASS})
+
+# Decode JSON
+ENC_PASS_CIFS=$(jq '.cifs' <<< "${JSON_ENC_PASS}")
+ENC_PASS_VERACRYPT=$(jq '.veracrypt' <<< "${JSON_ENC_PASS}")
+
+# Remove first and last double quote from values
+AUX="${ENC_PASS_CIFS%\"}"
+AUX="${AUX#\"}"
+ENC_PASS_CIFS=${AUX}
+
+AUX="${ENC_PASS_VERACRYPT%\"}"
+AUX="${AUX#\"}"
+ENC_PASS_VERACRYPT=${AUX}
+
+# Uncrypt passwords
+PASS_CIFS=$(echo ${ENC_PASS_CIFS} | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt -pass pass:${SECRET})
+PASS_VERACRYPT=$(echo ${ENC_PASS_VERACRYPT} | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt -pass pass:${SECRET})
+
+# Mount CIFS
+sudo mount -t cifs //192.168.0.9/share /mnt/yavin4 -o vers=2.0,uid=smbuser,gid=smbuser,file_mode=0775,dir_mode=0775,user=vplesnila,password=${PASS_CIFS},mfsymlinks
+
+# Mount Veracrypt volume
+veracrypt --text --mount /home/vplesnila/data/veracrypt_01.volume  /mnt/rslsync  --pim 0 --keyfiles "" --protect-hidden no --slot 1 --password ${PASS_VERACRYPT} --verbose
+
+# Start Resilio Sync
+systemctl --user start resilio-sync
+
+# Show FS
+df -hT
+
+