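#!/bin/bash
# uDS - micro Data Security v0.7, 2008-2009
# Author: Peter MATO
# Web: http://www.fixme.hu/uds
#
# Licence: GPLv2
# Please send fixes and improvements. ->
#
# WARNING:
# This is a proof of concept tool. Use it carefully! I have been using
# it without problem for half year, but I think further testing required.
#
# Other comments:
# Ideas:
#   Marcell ZAMBO, Adam MAULIS, Zoltan BORBELY, Janos FARAGO
#
# History:
#   v0.5 first usable version
#   v0.7 RAID: re-add, mostly-write, write-behind
#        mount: noatime -> relatime
#
# needed Debian/Ubuntu packages: mdadm cryptsetup
# needed kernel modules: loop dm_crypt
# todo:
#   better (haha) sync detect
#   store state
#   auto functions (autocreate, autosync, auto create loop)
#   zenity, kdialog, whiptail and text output for noobs
#   auto umount, crypt remove
#   ext2 -> ext4 nojournal
#
# What the script does (as visible below):
#   A RAID1 mirror ($MD_DEVICE) is built from an SD-card partition and a
#   loop device backed by $CFS_FILE. A dm-crypt mapping named $CFS_NAME sits
#   on top of the mirror and carries an ext2 filesystem.
#
# Security notes for whoever maintains this:
#   * "cryptsetup create" is plain dm-crypt mode: there is no on-disk header,
#     no salt and no key stretching, and a mistyped passphrase is not detected
#     when the mapping is opened (the mount simply fails afterwards). The
#     passphrase strength is the only protection. LUKS would add a header and
#     a KDF, but that is an on-disk format change and is not made here.
#   * No --cipher/--hash/--key-size is given, so the mapping depends on the
#     defaults of the installed cryptsetup. Pinning them explicitly keeps an
#     existing volume readable across upgrades (the right values are whatever
#     the volume was created with, which this file does not record).
#   * The SD member is picked purely by partition size. Any sd* partition with
#     the same block count is accepted, and "destroy" zero-fills it.
#
# Exit codes: 1 tool/device missing, 2 mountpoint missing, 3 data file
# missing, 4 a setup/teardown step failed, 100 usage error.

set -u

CFS_NAME=cfs2

# FIXME find a better way
RAID_SD_PART_SIZE=7718490
# Field match instead of interpolating the size into the awk program text.
RAID_SD_PART=$(awk -v size="$RAID_SD_PART_SIZE" \
  '$3 == size && $4 ~ /^sd/ { print $4 }' /proc/partitions)
RAID_SD_PART=/dev/$RAID_SD_PART

CFS_FILE_PATH=$HOME
CFS_FILE_NAME=$CFS_NAME.dat
CFS_FILE=$CFS_FILE_PATH/$CFS_FILE_NAME
CFS_MOUNTPOINT=$HOME/$CFS_NAME
CFS_MAPPER_DEV=/dev/mapper/$CFS_NAME
MD_DEVICE=/dev/md11
STAMP_EXTENSION='.stamp' # currently unused (see "store state" in the todo list)
DEBUG='yes'
CFS_LOOP_DEV=''          # resolved by require_loop, only when a command needs it
DATE=$(date +%F)         # currently unused

# Print a message on stderr and exit with the given status.
die() {
  local code=$1
  shift
  printf '%s\n' "$*" >&2
  exit "$code"
}

# Run one setup step and stop at the first failure, so that a "successfully"
# message is never printed after a failed step. Layers that were already
# brought up stay up; "stop" tears them down.
run() {
  "$@" || die 4 "ERROR[4]: command failed: $*"
}

usage() {
  cat >&2 <<'EOF'
Usage: start_sd_raid <command>

Commands:
  create                 build the mirror, the crypt mapping and the ext2 fs
  start                  assemble SD + loop, open the mapping, mount
  start_nomount          as start, without mounting
  partstart_loop         start from the loop file only (no SD), mount
  partstart_sd           start from the SD only (no loop), mount
  partstart_sd_nomount   as partstart_sd, without mounting
  adddev_sd              re-add the SD partition to the running mirror
  adddev_loop            re-add the loop file to the running mirror
  stop                   unmount, close the mapping, stop the mirror
  destroy                overwrite the loop file and the SD partition with zeros
EOF
  exit 100
}

# --- per-command preconditions ----------------------------------------------
# The original ran every check for every command, which made the degraded
# start modes unusable: partstart_loop exited because the SD was missing.

require_sd() {
  # Quoted on purpose: with an empty or multi-line awk result the unquoted
  # test either errored out or passed, and the script carried on with a bogus
  # device path. A size that matches several partitions is rejected here.
  [ -b "$RAID_SD_PART" ] || die 1 "RAID SD's block device file not found."
}

require_file() {
  [ -e "$CFS_FILE" ] \
    || die 3 "ERROR[3]: RAID data file does not exist ($CFS_FILE)"
}

require_loop() {
  # NOTE(review): the free device is looked up here and attached later, so
  # another process can claim it in between; attaching and reporting in one
  # losetup call would close that window.
  CFS_LOOP_DEV=$(losetup -f)
  [ -b "$CFS_LOOP_DEV" ] \
    || die 1 "ERROR[1]: Loop device does not exist ($CFS_LOOP_DEV)"
}

require_mountpoint() {
  [ -d "$CFS_MOUNTPOINT" ] \
    || die 2 "ERROR[2]: Cfs mountpoint does not exist ($CFS_MOUNTPOINT)"
}

# --- shared steps -----------------------------------------------------------

attach_loop() {
  run sudo losetup "$CFS_LOOP_DEV" "$CFS_FILE"
}

open_crypt() {
  sleep 2 # give the md device a moment to appear after assembly
  run sudo cryptsetup create "$CFS_NAME" "$MD_DEVICE"
}

mount_cfs() {
  run sudo mount -t ext2 -o relatime "$CFS_MAPPER_DEV" "$CFS_MOUNTPOINT"
}

# --- argument check first, before any device probing or sudo prompt ----------

COMMAND=${1:-}
case "$COMMAND" in
  create | start | start_nomount | partstart_loop | partstart_sd | \
    partstart_sd_nomount | adddev_sd | adddev_loop | stop | destroy) ;;
  *) usage ;;
esac

[ -x /sbin/mdadm ] || die 1 "mdadm not found."
[ -x /sbin/cryptsetup ] || die 1 "cryptsetup not found."

if [ "$DEBUG" = "yes" ]; then
  echo "RAID SD device: $RAID_SD_PART"
  echo "RAID file: $CFS_FILE"
fi

# Prime the sudo credential cache once, before the real work starts.
sudo echo -n ""

case "$COMMAND" in
  create)
    require_sd
    require_file
    require_loop
    attach_loop
    # NOTE(review): --write-mostly precedes both member devices, so mdadm may
    # flag the loop device as write-mostly as well as the SD - confirm intent.
    run sudo mdadm --create --verbose \
      --bitmap=internal --name="$CFS_NAME" "$MD_DEVICE" --level=mirror \
      --raid-devices=2 --write-mostly --write-behind \
      "$RAID_SD_PART" "$CFS_LOOP_DEV"
    run sudo cryptsetup --verify-passphrase create "$CFS_NAME" "$MD_DEVICE"
    run sudo mkfs.ext2 -L "$CFS_NAME" -m 0 "$CFS_MAPPER_DEV"
    ;;
  start)
    require_sd
    require_file
    require_loop
    require_mountpoint
    echo "Starting up $CFS_NAME ..."
    attach_loop
    run sudo mdadm --assemble "$MD_DEVICE" "$RAID_SD_PART" "$CFS_LOOP_DEV"
    open_crypt
    mount_cfs
    echo "Started $CFS_NAME successfully."
    ;;
  start_nomount)
    require_sd
    require_file
    require_loop
    echo "Starting up $CFS_NAME ..."
    attach_loop
    run sudo mdadm --assemble "$MD_DEVICE" "$RAID_SD_PART" "$CFS_LOOP_DEV"
    open_crypt
    echo "Started $CFS_NAME successfully. Not mounted."
    echo "ext2 device is: $CFS_MAPPER_DEV"
    ;;
  partstart_loop)
    require_file
    require_loop
    require_mountpoint
    echo "Starting up $CFS_NAME without SD ..."
    attach_loop
    run sudo mdadm --assemble --run "$MD_DEVICE" "$CFS_LOOP_DEV"
    # sudo mdadm --run $MD_DEVICE
    open_crypt
    mount_cfs
    echo "Started $CFS_NAME successfully."
    ;;
  partstart_sd)
    require_sd
    require_mountpoint
    echo "Starting up $CFS_NAME without loop ..."
    run sudo mdadm --assemble --run "$MD_DEVICE" "$RAID_SD_PART"
    # sudo mdadm --run $MD_DEVICE
    open_crypt
    mount_cfs
    echo "Started $CFS_NAME successfully."
    ;;
  partstart_sd_nomount)
    require_sd
    echo "Starting up $CFS_NAME without loop ..."
    run sudo mdadm --assemble --run "$MD_DEVICE" "$RAID_SD_PART"
    # sudo mdadm --run $MD_DEVICE
    open_crypt
    echo "Started $CFS_NAME successfully. Not mounted."
    echo "ext2 device is: $CFS_MAPPER_DEV"
    ;;
  adddev_sd)
    require_sd
    echo "Adding SD device to $CFS_NAME ..."
    run sudo mdadm --re-add "$MD_DEVICE" --write-mostly --write-behind \
      "$RAID_SD_PART"
    echo "SD device successfully added."
    ;;
  adddev_loop)
    require_file
    require_loop
    echo "Adding loop device to $CFS_NAME ..."
    attach_loop
    run sudo mdadm --re-add "$MD_DEVICE" "$CFS_LOOP_DEV"
    echo "loop device successfully added."
    ;;
  stop)
    echo "Shutting down $CFS_NAME ..."
    # Teardown is best effort: every layer is attempted even if an earlier
    # one fails, and the failure is reported at the end instead of being
    # hidden behind a success message.
    rc=0
    sudo umount "$CFS_MAPPER_DEV" || rc=4
    sudo cryptsetup remove "$CFS_NAME" || rc=4
    sudo mdadm --stop "$MD_DEVICE" || rc=4
    sleep 2 # FIXME sometimes this is not necessary
    # losetup -a | /dev/loop0: [0803]:560004 (./entropy.dat)
    # grep -F: the file name contains a dot and must not act as a regex.
    mapfile -t loop_devs < <(
      losetup -a | grep -F -- "$CFS_FILE_NAME" | sed 's/:.*//'
    )
    if [ "${#loop_devs[@]}" -eq 0 ]; then
      # Normal after partstart_sd; the original called "losetup -d" with no
      # argument in this case.
      echo "No loop device attached to $CFS_FILE_NAME; nothing to detach." >&2
    else
      for loop_dev in "${loop_devs[@]}"; do
        sudo losetup -d "$loop_dev" || rc=4
      done
    fi
    [ "$rc" -eq 0 ] \
      || die "$rc" "ERROR[4]: $CFS_NAME was not shut down cleanly."
    echo "Shut down $CFS_NAME successfully."
    ;;
  destroy)
    # FIXME better destroy utility (from Darik's CD - DBAN)
    # NOTE(review): runs without confirmation and does not check whether the
    # mirror is still assembled or mounted. The SD target comes from the
    # size heuristic above, so the targets are printed before writing starts.
    # A single zero pass on flash media does not guarantee that remapped
    # blocks are gone.
    require_sd
    require_file
    require_loop
    echo "Overwriting with zeros: $CFS_FILE (via $CFS_LOOP_DEV)" \
      "and $RAID_SD_PART" >&2
    attach_loop
    # dd runs until the device is full and then exits non-zero ("No space
    # left on device"), so its status is deliberately not checked.
    sudo dd if=/dev/zero of="$CFS_LOOP_DEV" bs=64M
    sudo dd if=/dev/zero of="$RAID_SD_PART" bs=64M
    # Release the loop device attached above instead of leaking it.
    sudo losetup -d "$CFS_LOOP_DEV"
    ;;
esac

exit 0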