From ec85942c7dda73e25ce2f0541a3f06818017a2e0 Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Tue, 7 May 2019 14:08:04 +0200
Subject: [PATCH] Better passphrase management.

---
 all_new_2018/borg.sh                     | 14 ++++++++------
 buster/setup_scripts/setup_eeepc.sh      | 12 ++++++++----
 buster/setup_scripts/setup_home_eeepc.sh |  2 +-
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/all_new_2018/borg.sh b/all_new_2018/borg.sh
index 2c276bf..1be74bb 100755
--- a/all_new_2018/borg.sh
+++ b/all_new_2018/borg.sh
@@ -19,12 +19,14 @@ read_pw() {
     eval $(ssh-agent)
     echo "ssh-add"
     ssh-add
-    stty -echo
-    printf "Borg passphrase: "
-    read password
-    stty echo
-    printf "\n"
-    export BORG_PASSPHRASE="${password}"
+    if [ "${#BORG_PASSPHRASE}" -eq 0 ]; then
+        stty -echo
+        printf "Borg passphrase: "
+        read password
+        stty echo
+        printf "\n"
+        export BORG_PASSPHRASE="${password}"
+    fi
 }
 
 if [ ! -f "${config_file}" ]; then
diff --git a/buster/setup_scripts/setup_eeepc.sh b/buster/setup_scripts/setup_eeepc.sh
index 9e394eb..a7add59 100755
--- a/buster/setup_scripts/setup_eeepc.sh
+++ b/buster/setup_scripts/setup_eeepc.sh
@@ -53,16 +53,20 @@ adduser --disabled-password --gecos "" plom
 usermod -a -G sudo plom
 passwd plom
 if [ "${HOME_DIR_EXISTS}" -eq 0 ]; then
+    echo "Put secrets drive into slot for /dev/${secrets_dev}."
     while [ ! -e /dev/"${secrets_dev}" ]; do
-        echo "Put secrets drive into slot for /dev/${secrets_dev}, then hit Return."
-        read ignore
+        sleep 1
     done
-    pmount /dev/"${secrets_dev}"
+    stty -echo
+    printf "Secrets passphrase: "
+    read secrets_pass
+    stty echo
+    echo "${secrets_pass}" | pmount /dev/"${secrets_dev}"
     cp -a "${source_dir_secrets}" "${target_dir_secrets}"
     chown -R plom:plom "${target_dir_secrets}"
     pumount "${secrets_dev}"
     echo "You can remove /dev/${secrets_dev} now."
     cp setup_home_eeepc.sh /home/plom
     chown plom:plom /home/plom/setup_home_eeepc.sh
-    su -c "cd && ./setup_home_eeepc.sh" plom
+    SECRETS_PASS="${secrets_pass}" su -c "cd && ./setup_home_eeepc.sh" plom
 fi
diff --git a/buster/setup_scripts/setup_home_eeepc.sh b/buster/setup_scripts/setup_home_eeepc.sh
index 83f585f..7678bf3 100755
--- a/buster/setup_scripts/setup_home_eeepc.sh
+++ b/buster/setup_scripts/setup_home_eeepc.sh
@@ -53,7 +53,7 @@ cat "${borgrepos_file}" | while read line; do
     fi
     ssh-keyscan "${line}" >> "${ssh_dir}"/known_hosts
 done
-"${path_borgscript}" orgpull
+BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
 
 # Fill ~/public_repos.
 cat "${repos_list_file}" | while read line; do
-- 
2.30.2