Initial commit

This commit is contained in:
Kristóf Tóth 2020-05-21 17:11:31 +02:00
commit 6aa4adae8f
3 changed files with 37 additions and 0 deletions

9
entrypoint.sh Executable file
View File

@ -0,0 +1,9 @@
#!/usr/bin/env bash
set -euo pipefail
gpg --generate-key --batch gpg-keygen-params.txt
pass init proton
/usr/bin/protonmail-bridge --cli
# TODO: login on cli

6
gpg-keygen-params.txt Normal file
View File

@ -0,0 +1,6 @@
%no-protection
Key-Type:RSA
Key-Length:2048
Name-Real:proton
Expire-Date:0
%commit

22
isolated-protonmail-bridge.sh Executable file
View File

@ -0,0 +1,22 @@
#!/usr/bin/env bash
set -euo pipefail
HERE="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
JAIL_HOME=/home/proton
DEFAULT_BIN=entrypoint.sh
BIN="${1:-${DEFAULT_BIN}}"
nsjail -Mo \
--disable_clone_newnet \
--cwd "${JAIL_HOME}" \
--tmpfsmount / \
--tmpfsmount /tmp --tmpfsmount /run \
--bindmount_ro "${HERE}/entrypoint.sh:${JAIL_HOME}/entrypoint.sh" \
--bindmount_ro "${HERE}/gpg-keygen-params.txt:${JAIL_HOME}/gpg-keygen-params.txt" \
--bindmount_ro /bin --bindmount_ro /sbin \
--bindmount_ro /usr --bindmount_ro /lib --bindmount_ro /lib64 \
--bindmount_ro /dev/null --bindmount_ro /dev/urandom --bindmount_ro /dev/random \
--env HOME=/home/proton \
--env PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin \
-- ${BIN}