jgaunt/FreeNAS-Network-Unlock
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update 'freenas_network_unlock.py'

Browse Source
This commit is contained in:
jgaunt
2020-03-04 11:37:35 -05:00
parent cee06cd972
commit c910c2e8bd
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
freenas_network_unlock.py
View File

@@ -35,18 +35,18 @@ def request(resource, method='GET', data=None):
raise ValueError(r)
# Create a small ramdrive to store our recovery keys temporarily
rc = call("mkdir /mnt/ramfs", shell=True)
rc = call("mdmfs -s 1m md /mnt/ramfs", shell=True)
#rc = call("mkdir /mnt/ramfs", shell=True)
#rc = call("mdmfs -s 1m md /mnt/ramfs", shell=True)
# Send our unlock/mount script to the pi and execute it on the pi using ssh
rc = call("ssh {}@{} 'mkdir /mnt/FreeNASRecoveryKeys; echo -n {} | cryptsetup luksOpen {} FreeNASRecoveryKeys -d - && mount /dev/mapper/FreeNASRecoveryKeys /mnt/FreeNASRecoveryKeys'".format(config.KEY_HOST_USER, config.KEY_HOST, config.LUKS_PASSWORD, config.LUKS_VOLUME), shell=True)
#rc = call("ssh {}@{} 'mkdir /mnt/FreeNASRecoveryKeys; echo -n {} | cryptsetup luksOpen {} FreeNASRecoveryKeys -d - && mount /dev/mapper/FreeNASRecoveryKeys /mnt/FreeNASRecoveryKeys'".format(config.KEY_HOST_USER, config.KEY_HOST, config.LUKS_PASSWORD, config.LUKS_VOLUME), shell=True)
# Now we can copy the keys to the ramfs
for poolName in config.POOL_NAMES:
rc= call("scp {}@{}:/mnt/FreeNASRecoveryKeys/{}.recoveryKey /mnt/ramfs".format(config.KEY_HOST_USER, config.KEY_HOST, poolName), shell=True)
#for poolName in config.POOL_NAMES:
# rc= call("scp {}@{}:/mnt/FreeNASRecoveryKeys/{}.recoveryKey /mnt/ramfs".format(config.KEY_HOST_USER, config.KEY_HOST, poolName), shell=True)
# We can close the luks volume now
rc = call("ssh {}@{} 'umount /mnt/FreeNASRecoveryKeys; cryptsetup luksClose FreeNASRecoveryKeys; rm -rf /mnt/FreeNASRecoveryKeys'".format(config.KEY_HOST_USER, config.KEY_HOST), shell=True)
#rc = call("ssh {}@{} 'umount /mnt/FreeNASRecoveryKeys; cryptsetup luksClose FreeNASRecoveryKeys; rm -rf /mnt/FreeNASRecoveryKeys'".format(config.KEY_HOST_USER, config.KEY_HOST), shell=True)
# Loop through the pools and only unlock the locked ones
POOLS = request('storage/volume/', 'GET')
@@ -64,4 +64,4 @@ for pool in POOLS['response']:
logging.debug('Pool {} is already unlocked'.format(pool['name']))
# wipe the files, unmount the ramfs, and remove the folder
rc = call("umount -f /mnt/ramfs; rm -fP /mnt/ramfs/*; rmdir /mnt/ramfs", shell=True)
#rc = call("umount -f /mnt/ramfs; rm -fP /mnt/ramfs/*; rmdir /mnt/ramfs", shell=True)