dotfiles/nushell/config/mount.nu

# startx checks if disks are mounted
def startx [] {
    # I'm used to running startx right after I login, to this first mount my
    # disks and then runs startx.
    mount-disk

    # Then I run startx
    /bin/startx
}

# mount my encrypted disks
def mount-disk [] {

    # If there is no $env.PRIMARY_DISK_UUID, we don't have to decrypt / mount anything
    if not ("PRIMARY_DISK_UUID" in $env) {
        return
    }

    # In my home on my encrypted partition, I have an empty file in ~/.mounted,
    # this way, I can easily check if my encrypted partition is mounted or not.
    if ("~/.mounted"| path exists) {
        print -en "already mounted\n"
        return
    }

    mut passphrase = ""

    # On my computer, I have two disks, one NVMe with my OS, and one HDD with
    # more space. I want three attempts at typing the passphrase.
    for retry in [1, 2, 3] {

        # Because they're encrypted with the same passphrase, I read the
        # passphrase once, and then decrypt both disks.
        sudo echo -n
        let local_passphrase = (input -s "Enter your passphrase: ")
        print -en "\n"

        # Mount the NVMe encrypted partition
        let mounted = do { $local_passphrase | sudo cryptsetup luksOpen ("/dev/disk/by-uuid/" + $env.PRIMARY_DISK_UUID) luks } | complete

        # If mounted correctly, break this loop and mount other partitions.
        if $mounted.exit_code == 0 {
            print -en (ansi green_bold) "Passphrase correct\n" (ansi reset)
            $passphrase = $local_passphrase
            break
        } else if $retry == 3 {
            # If the third attempt failed, exit
            error make {msg: "couldn't decrypt disk"}
        } else {
            print -en (ansi red_bold) "Passphrase incorrect, please try again\n" (ansi reset)
        }
    }

    sudo mount /dev/mapper/luks /home

    if ("SECONDARY_DISK_UUID" in $env) {
        $passphrase | sudo cryptsetup luksOpen ("/dev/disk/by-uuid/" + $env.SECONDARY_DISK_UUID) luks2
        sudo mount /dev/mapper/luks2 /mnt
    }

    # Some services cannot be started on boot because my encrypted drives are
    # not mounted yet, so I mount them here.
    systemctl start --user pueued
    sudo systemctl start docker
}