diff --git a/Cargo.lock b/Cargo.lock index 7bafcc02..a175ca40 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -293,7 +293,7 @@ checksum = "11157ac094ffbdde99aa67b23417ebdd801842852b500e395a45a9c0aac03e4a" [[package]] name = "encryptedfs" -version = "0.1.22" +version = "0.1.23" dependencies = [ "base64", "bincode", diff --git a/Cargo.toml b/Cargo.toml index 1a3d9a6a..68bac190 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "encryptedfs" description = "An encrypted file system that mounts with FUSE on Linux. It can be used to create encrypted directories." -version = "0.1.22" +version = "0.1.23" edition = "2021" license = "Apache-2.0" authors = ["Radu Marias "] diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..eebedd87 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,36 @@ +################ +##### Builder +FROM alpine:3.16.0 as builder + +RUN apk add binutils build-base ca-certificates curl file g++ gcc libressl-dev make patch postgresql rust + +RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + +RUN . ~/.cargo/env && rustup target add x86_64-unknown-linux-musl + +# Cache downloaded+built dependencies +COPY Cargo.toml Cargo.lock /usr/src/encryptedfs/ +RUN mkdir /usr/src/encryptedfs/src && \ + echo 'fn main() {}' > /usr/src/encryptedfs/src/main.rs + +RUN . ~/.cargo/env && cd /usr/src/encryptedfs/ && cargo build --release && \ + rm -Rvf /usr/src/encryptedfs/src + +# Build our actual code +COPY src /usr/src/encryptedfs/src +RUN touch /usr/src/encryptedfs/src/main.rs +RUN . ~/.cargo/env && \ + cd /usr/src/encryptedfs/ && \ + cargo build --target x86_64-unknown-linux-musl --release + +################ +##### Runtime +FROM alpine:3.16.0 AS runtime + +RUN apk add fuse3 + +# Copy application binary from builder image +COPY --from=builder /usr/src/encryptedfs/target/x86_64-unknown-linux-musl/release/encryptedfs /usr/local/bin + +# Run the application +CMD ["encryptedfs", "--help"] diff --git a/README.md b/README.md index 43bfc88b..d1a20c44 100644 --- a/README.md +++ b/README.md @@ -33,10 +33,16 @@ cargo install encryptedfs ``` To use the encrypted file system, you need to have FUSE installed on your system. You can install it by running the following command (or based on your distribution): + +Arch +```bash +sudo pacman -Syu && sudo pacman -S fuse3 +``` +Ubuntu ```bash -sudo apt-get update -sudo apt-get -y install fuse3 +sudo apt-get update && sudo apt-get -y install fuse3 ``` + A basic example of how to use the encrypted file system is shown below: ``` @@ -76,3 +82,38 @@ You can specify the log level adding the `--log-level` argument to the command l ```bash --log-level LEVEL ``` + +## Start it in docker +```bash +docker pull xorio42/encryptedfs +``` +Start a container to set up mount in it + +`docker run -it --device /dev/fuse --cap-add SYS_ADMIN --security-opt apparmor:unconfined xorio42/encryptedfs:latest /bin/sh` + +In the container create mount and data directories + +`mkdir fsmnt && mkdir fsdata` + +Start `encryptedfs` + +`encryptedfs --mount-point fsmnt --data-dir fsdata` + +Enter a password for encryption. + +Get the container ID + +`docker ps` + +In another terminal attach to running container with the above ID + +`docker exec -it /bin/sh` + +From here you can play with it by creating files in `fsmnt` directory +``` +cd fsmnt +mkdir 1 +ls +echo "test" > 1/test +cat 1/test +```