Initial commit
This commit is contained in:
commit
6aa4adae8f
9
entrypoint.sh
Executable file
9
entrypoint.sh
Executable file
@ -0,0 +1,9 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
gpg --generate-key --batch gpg-keygen-params.txt
|
||||
pass init proton
|
||||
/usr/bin/protonmail-bridge --cli
|
||||
|
||||
# TODO: login on cli
|
||||
|
||||
6
gpg-keygen-params.txt
Normal file
6
gpg-keygen-params.txt
Normal file
@ -0,0 +1,6 @@
|
||||
%no-protection
|
||||
Key-Type:RSA
|
||||
Key-Length:2048
|
||||
Name-Real:proton
|
||||
Expire-Date:0
|
||||
%commit
|
||||
22
isolated-protonmail-bridge.sh
Executable file
22
isolated-protonmail-bridge.sh
Executable file
@ -0,0 +1,22 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
HERE="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
|
||||
JAIL_HOME=/home/proton
|
||||
DEFAULT_BIN=entrypoint.sh
|
||||
BIN="${1:-${DEFAULT_BIN}}"
|
||||
|
||||
nsjail -Mo \
|
||||
--disable_clone_newnet \
|
||||
--cwd "${JAIL_HOME}" \
|
||||
--tmpfsmount / \
|
||||
--tmpfsmount /tmp --tmpfsmount /run \
|
||||
--bindmount_ro "${HERE}/entrypoint.sh:${JAIL_HOME}/entrypoint.sh" \
|
||||
--bindmount_ro "${HERE}/gpg-keygen-params.txt:${JAIL_HOME}/gpg-keygen-params.txt" \
|
||||
--bindmount_ro /bin --bindmount_ro /sbin \
|
||||
--bindmount_ro /usr --bindmount_ro /lib --bindmount_ro /lib64 \
|
||||
--bindmount_ro /dev/null --bindmount_ro /dev/urandom --bindmount_ro /dev/random \
|
||||
--env HOME=/home/proton \
|
||||
--env PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin \
|
||||
-- ${BIN}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user