programming/bash/cifs_veracrypt_resilio_start

#!/usr/bin/bash

URL_ALIVE="https://public.databasepro.fr/.secrets/alive.txt"
URL_ENC_PASS="https://public.databasepro.fr/.secrets/linux.txt"
SECRET="For#LinuxM1ntVer@crypt"



RUNTIME="1 minute"
ENDTIME=$(date -ud "$RUNTIME" +%s)

while [[ $(date -u +%s) -le $ENDTIME ]]
do
    echo -n "`date +%H:%M:%S`: waiting for remote encrypyted password file.. "
    ALIVE=$(curl -s ${URL_ALIVE})
    if [ "$ALIVE" == "yes" ]; then
    	echo "OK"
    	break
    fi
    echo "retrying in 10 seconds.."
    sleep 10
done

if [ "$ALIVE" != "yes" ]; then
 	echo "Remote encrypyted password file is not available, giving up"
   	exit -1
fi



# Get encrypted passwords JSON from URL
JSON_ENC_PASS=$(curl -s ${URL_ENC_PASS})

# Decode JSON
ENC_PASS_CIFS=$(jq '.cifs' <<< "${JSON_ENC_PASS}")
ENC_PASS_VERACRYPT=$(jq '.veracrypt' <<< "${JSON_ENC_PASS}")

# Remove first and last double quote from values
AUX="${ENC_PASS_CIFS%\"}"
AUX="${AUX#\"}"
ENC_PASS_CIFS=${AUX}

AUX="${ENC_PASS_VERACRYPT%\"}"
AUX="${AUX#\"}"
ENC_PASS_VERACRYPT=${AUX}

# Uncrypt passwords
PASS_CIFS=$(echo ${ENC_PASS_CIFS} | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt -pass pass:${SECRET})
PASS_VERACRYPT=$(echo ${ENC_PASS_VERACRYPT} | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt -pass pass:${SECRET})

# Mount CIFS
sudo mount -t cifs //192.168.0.9/share /mnt/yavin4 -o vers=2.0,uid=smbuser,gid=smbuser,file_mode=0775,dir_mode=0775,user=vplesnila,password=${PASS_CIFS},mfsymlinks

# Mount Veracrypt volume
veracrypt --text --mount /home/vplesnila/data/veracrypt_01.volume  /mnt/rslsync  --pim 0 --keyfiles "" --protect-hidden no --slot 1 --password ${PASS_VERACRYPT} --verbose

# Start Resilio Sync
systemctl --user start resilio-sync

# Show FS
df -hT