Initial commit
This commit is contained in:
commit
6aa4adae8f
9
entrypoint.sh
Executable file
9
entrypoint.sh
Executable file
@ -0,0 +1,9 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
gpg --generate-key --batch gpg-keygen-params.txt
|
||||||
|
pass init proton
|
||||||
|
/usr/bin/protonmail-bridge --cli
|
||||||
|
|
||||||
|
# TODO: login on cli
|
||||||
|
|
||||||
6
gpg-keygen-params.txt
Normal file
6
gpg-keygen-params.txt
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
%no-protection
|
||||||
|
Key-Type:RSA
|
||||||
|
Key-Length:2048
|
||||||
|
Name-Real:proton
|
||||||
|
Expire-Date:0
|
||||||
|
%commit
|
||||||
22
isolated-protonmail-bridge.sh
Executable file
22
isolated-protonmail-bridge.sh
Executable file
@ -0,0 +1,22 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
HERE="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
|
||||||
|
JAIL_HOME=/home/proton
|
||||||
|
DEFAULT_BIN=entrypoint.sh
|
||||||
|
BIN="${1:-${DEFAULT_BIN}}"
|
||||||
|
|
||||||
|
nsjail -Mo \
|
||||||
|
--disable_clone_newnet \
|
||||||
|
--cwd "${JAIL_HOME}" \
|
||||||
|
--tmpfsmount / \
|
||||||
|
--tmpfsmount /tmp --tmpfsmount /run \
|
||||||
|
--bindmount_ro "${HERE}/entrypoint.sh:${JAIL_HOME}/entrypoint.sh" \
|
||||||
|
--bindmount_ro "${HERE}/gpg-keygen-params.txt:${JAIL_HOME}/gpg-keygen-params.txt" \
|
||||||
|
--bindmount_ro /bin --bindmount_ro /sbin \
|
||||||
|
--bindmount_ro /usr --bindmount_ro /lib --bindmount_ro /lib64 \
|
||||||
|
--bindmount_ro /dev/null --bindmount_ro /dev/urandom --bindmount_ro /dev/random \
|
||||||
|
--env HOME=/home/proton \
|
||||||
|
--env PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin \
|
||||||
|
-- ${BIN}
|
||||||
|
|
||||||
Loading…
Reference in New Issue
Block a user