dotfiles/nushell/config/mount.nu

# startx checks if disks are mounted
def startx [] {
    # I'm used to running startx right after I login, to this first mount my
    # disks and then runs startx.
    mount-disk

    # Then I run startx
    /bin/startx
}

# mount my encrypted disks
def mount-disk [] {

    # If there is no $env.PRIMARY_DISK_UUID, we don't have to decrypt / mount anything
    if not ("PRIMARY_DISK_UUID" in $env) {
        return
    }

    # In my home on my encrypted partition, I have an empty file in ~/.mounted,
    # this way, I can easily check if my encrypted partition is mounted or not.
    if ("~/.mounted"| path exists) {
        print -en "already mounted\n"
        return
    }

    mut passphrase = ""

    # On my computer, I have two disks, one NVMe with my OS, and one HDD with
    # more space. I want three attempts at typing the passphrase.
    for retry in [1, 2, 3] {

        # Because they're encrypted with the same passphrase, I read the
        # passphrase once, and then decrypt both disks.
        sudo echo -n
        let local_passphrase = (input -s "Enter your passphrase: ")
        print -en "\n"

        # Mount the NVMe encrypted partition
        let mounted = do { $local_passphrase | sudo cryptsetup luksOpen ("/dev/disk/by-uuid/" + $env.PRIMARY_DISK_UUID) luks } | complete

        # If mounted correctly, break this loop and mount other partitions.
        if $mounted.exit_code == 0 {
            print -en (ansi green_bold) "Passphrase correct\n" (ansi reset)
            $passphrase = $local_passphrase
            break
        } else if $retry == 3 {
            # If the third attempt failed, exit
            error make {msg: "couldn't decrypt disk"}
        } else {
            print -en (ansi red_bold) "Passphrase incorrect, please try again\n" (ansi reset)
        }
    }

    sudo mount /dev/mapper/luks /home

    if ("SECONDARY_DISK_UUID" in $env) {
        $passphrase | sudo cryptsetup luksOpen ("/dev/disk/by-uuid/" + $env.SECONDARY_DISK_UUID) luks2
        sudo mount /dev/mapper/luks2 /mnt
    }

    # Some services cannot be started on boot because my encrypted drives are
    # not mounted yet, so I mount them here.
    systemctl start --user pueued
    sudo systemctl start docker
}
Cleaning 2023-11-29 11:25:24 +01:00			`# startx checks if disks are mounted`
			`def startx [] {`
			`# I'm used to running startx right after I login, to this first mount my`
			`# disks and then runs startx.`
			`mount-disk`

			`# Then I run startx`
			`/bin/startx`
			`}`

			`# mount my encrypted disks`
			`def mount-disk [] {`

			`# If there is no $env.PRIMARY_DISK_UUID, we don't have to decrypt / mount anything`
			`if not ("PRIMARY_DISK_UUID" in $env) {`
			`return`
			`}`

			`# In my home on my encrypted partition, I have an empty file in ~/.mounted,`
			`# this way, I can easily check if my encrypted partition is mounted or not.`
			`if ("~/.mounted"\| path exists) {`
			`print -en "already mounted\n"`
			`return`
			`}`

			`mut passphrase = ""`

			`# On my computer, I have two disks, one NVMe with my OS, and one HDD with`
			`# more space. I want three attempts at typing the passphrase.`
			`for retry in [1, 2, 3] {`

			`# Because they're encrypted with the same passphrase, I read the`
			`# passphrase once, and then decrypt both disks.`
			`sudo echo -n`
			`let local_passphrase = (input -s "Enter your passphrase: ")`
			`print -en "\n"`

			`# Mount the NVMe encrypted partition`
			`let mounted = do { $local_passphrase \| sudo cryptsetup luksOpen ("/dev/disk/by-uuid/" + $env.PRIMARY_DISK_UUID) luks } \| complete`

			`# If mounted correctly, break this loop and mount other partitions.`
			`if $mounted.exit_code == 0 {`
			`print -en (ansi green_bold) "Passphrase correct\n" (ansi reset)`
			`$passphrase = $local_passphrase`
			`break`
			`} else if $retry == 3 {`
			`# If the third attempt failed, exit`
			`error make {msg: "couldn't decrypt disk"}`
			`} else {`
			`print -en (ansi red_bold) "Passphrase incorrect, please try again\n" (ansi reset)`
			`}`
			`}`

			`sudo mount /dev/mapper/luks /home`

			`if ("SECONDARY_DISK_UUID" in $env) {`
			`$passphrase \| sudo cryptsetup luksOpen ("/dev/disk/by-uuid/" + $env.SECONDARY_DISK_UUID) luks2`
			`sudo mount /dev/mapper/luks2 /mnt`
			`}`

			`# Some services cannot be started on boot because my encrypted drives are`
			`# not mounted yet, so I mount them here.`
			`systemctl start --user pueued`
			`sudo systemctl start docker`
			`}`