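#!/bin/bash

# DESCRIPTION:
#
#   Open and mount a dm-crypt (LUKS) container the easy way.
#
# USAGE:
#
#   sesame open
#     or
#   sesame close
#
# EXIT STATUS:
#
#   0  the requested state was reached (or was already in place)
#   1  unknown sub-command, or a step failed
#
# SECURITY NOTES:
#
#   While the container is open, its plaintext is reachable through the
#   mountpoint and the mapping stays active until "sesame close" has
#   completed. Every step of "close" is therefore checked: a non-zero exit
#   means the container may still be exposed and needs attention.
#
# PREPARATIONS:
#
#   cd
#   dd if=/dev/urandom of=./secrets.dd bs=4096 count=65536
#   sudo aptitude install cryptsetup
#   sudo losetup /dev/loop0 ./secrets.dd
#   sudo cryptsetup luksFormat /dev/loop0
#   sudo cryptsetup luksOpen /dev/loop0 secrets
#   sudo mkfs.ext4 -L secrets /dev/mapper/secrets
#   mkdir secrets
#   sudo mount /dev/mapper/secrets ./secrets
#   sudo chown -R pi:pi ./secrets
#   touch ./secrets/test
#   sudo umount /dev/mapper/secrets
#   sudo cryptsetup luksClose secrets
#   sudo losetup -d /dev/loop0

# Abort on unset variables; a typo in a device name must never expand to "".
set -u

readonly NAME="secrets"
readonly CONTAINER="/home/pi/${NAME}.dd"
readonly MOUNTPOINT="/home/pi/${NAME}"
readonly MAPPER="/dev/mapper/${NAME}"

# Print an error message to stderr and terminate with status 1.
die() {
  printf 'ERROR: %s - EXIT!\n' "${1}" >&2
  exit 1
}

# Print an informational message to stdout.
notice() {
  printf 'NOTICE: %s\n' "${1}"
}

# Print the loop device backing ${CONTAINER}, or nothing if it is not looped.
# "losetup -j" matches the backing file itself instead of a substring of the
# "losetup -a" listing, so a file such as "secrets.dd.bak" is not mistaken
# for the container.
loop_device() {
  losetup -j "${CONTAINER}" | head -n 1 | cut -d ":" -f 1
}

# Succeed if the dm-crypt mapping ${NAME} is currently active.
is_open() {
  sudo cryptsetup status "${NAME}" | grep -qF "${MAPPER} is active"
}

# Succeed if the mapping is mounted. The trailing space anchors the match to
# the device field of /proc/mounts so "/dev/mapper/secrets2" does not match.
is_mounted() {
  grep -qF "${MAPPER} " /proc/mounts
}

case "${1:-}" in

  open)
    [ -f "${CONTAINER}" ] || die "container file is missing"

    loopdevice="$( loop_device )"
    if [ -z "${loopdevice}" ] ; then
      # --find --show attaches to a free device and reports which one in a
      # single step, so no other process can grab the device in between.
      loopdevice="$( sudo losetup --find --show "${CONTAINER}" )" \
        || die "container could not be looped"
    else
      notice "the container has already been looped."
    fi
    [ -n "${loopdevice}" ] || die "container could not be looped"

    if ! is_open ; then
      # Stop here on failure (e.g. wrong passphrase); mounting would only
      # fail later with a less helpful message.
      sudo cryptsetup luksOpen "${loopdevice}" "${NAME}" \
        || die "container could not be opened"
    else
      printf 'NOTICE: %s has already been opened.\n' "${CONTAINER}"
    fi

    if [ ! -d "${MOUNTPOINT}" ] ; then
      mkdir -- "${MOUNTPOINT}" || die "mountpoint could not be created"
      notice "I have created the mountpoint for you."
    fi

    if ! is_mounted ; then
      # Mount on the absolute mountpoint, not on a path relative to the
      # caller's working directory.
      sudo mount "${MAPPER}" "${MOUNTPOINT}" \
        || die "container could not be mounted"
    else
      notice "open container has already been mounted."
    fi
    ;;

  close)
    if is_mounted ; then
      sudo umount "${MAPPER}" 2> /dev/null \
        || die "container could not be unmounted"
    else
      notice "open container has not been mounted."
    fi

    if is_open ; then
      # If this fails the mapping is still active and the data is still
      # readable through ${MAPPER}; do not report success.
      sudo cryptsetup luksClose "${NAME}" \
        || die "container could not be closed"
    else
      printf 'NOTICE: %s has not been opened.\n' "${CONTAINER}"
    fi

    loopdevice="$( loop_device )"
    if [ -n "${loopdevice}" ] ; then
      sudo losetup -d "${loopdevice}" \
        || die "loop device could not be detached"
    else
      notice "the container has not been looped."
    fi
    ;;

  *)
    die "I do not understand you"

esac

exit 0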