From 28634164eaf844911de7162a39372cd286108a66 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Tue, 9 Sep 2025 13:50:39 +0200 Subject: [PATCH] Add menu option for updating drive encryption and user passwords --- bin/omarchy-drive-info | 28 ++++++++++++++++++++++++++++ bin/omarchy-drive-select | 18 ++++++++++++++++++ bin/omarchy-drive-set-password | 21 +++++++++++++++++++++ bin/omarchy-menu | 11 ++++++++++- 4 files changed, 77 insertions(+), 1 deletion(-) create mode 100755 bin/omarchy-drive-info create mode 100755 bin/omarchy-drive-select create mode 100755 bin/omarchy-drive-set-password diff --git a/bin/omarchy-drive-info b/bin/omarchy-drive-info new file mode 100755 index 00000000..10fb223e --- /dev/null +++ b/bin/omarchy-drive-info @@ -0,0 +1,28 @@ +#!/bin/bash + +# Drive, like /dev/nvme0, to display information about +if (($# == 0)); then + echo "Usage: omarchy-drive-info [/dev/drive]" + exit 1 +else + drive="$1" +fi + +# Find the root drive in case we are looking at partitions +root_drive=$(lsblk -no PKNAME "$drive" 2>/dev/null | tail -n1) +if [[ -n "$root_drive" ]]; then + root_drive="/dev/$root_drive" +else + root_drive="$drive" +fi + +# Get basic disk information +size=$(lsblk -dno SIZE "$drive" 2>/dev/null) +model=$(lsblk -dno MODEL "$root_drive" 2>/dev/null) + +# Format display string +display="$drive" +[[ -n "$size" ]] && display="$display ($size)" +[[ -n "$model" ]] && display="$display - $model" + +echo "$display" diff --git a/bin/omarchy-drive-select b/bin/omarchy-drive-select new file mode 100755 index 00000000..9168eb7d --- /dev/null +++ b/bin/omarchy-drive-select @@ -0,0 +1,18 @@ +#!/bin/bash + +# Select a drive from a list with info that includes space and brand + +if (($# == 0)); then + drives=$(lsblk -dpno NAME | grep -E '/dev/(sd|hd|vd|nvme|mmcblk|xv)') +else + drives="$@" +fi + +drives_with_info="" +while IFS= read -r drive; do + [[ -n "$drive" ]] || continue + drives_with_info+="$(omarchy-drive-info "$drive")"$'\n' +done <<<"$drives" + +selected_drive="$(printf "%s" "$drives_with_info" | gum choose --header "Select drive")" || exit 1 +printf "%s\n" "$selected_drive" | awk '{print $1}' diff --git a/bin/omarchy-drive-set-password b/bin/omarchy-drive-set-password new file mode 100755 index 00000000..88a9c58f --- /dev/null +++ b/bin/omarchy-drive-set-password @@ -0,0 +1,21 @@ +#!/bin/bash + +encrypted_drives=$(blkid -t TYPE=crypto_LUKS -o device) + +if [[ -n $encrypted_drives ]]; then + if [[ $(wc -l <<<"$encrypted_drives") -eq 1 ]]; then + drive_to_change="$encrypted_drives" + else + drive_to_change="$(omarchy-drive-select "$encrypted_drives")" + fi + + if [[ -n $drive_to_change ]]; then + echo "Changing full-disk encryption password for $drive_to_change" + sudo cryptsetup luksChangeKey --pbkdf argon2id --iter-time 2000 "$drive_to_change" + else + echo "No drive selected." + fi +else + echo "No encrypted drives available." + exit 1 +fi diff --git a/bin/omarchy-menu b/bin/omarchy-menu index 55293f9f..0c4529a6 100755 --- a/bin/omarchy-menu +++ b/bin/omarchy-menu @@ -324,13 +324,14 @@ show_remove_menu() { } show_update_menu() { - case $(menu "Update" " Omarchy\n Config\n󰸌 Themes\n Process\n󰇅 Hardware\n Timezone") in + case $(menu "Update" " Omarchy\n Config\n󰸌 Themes\n Process\n󰇅 Hardware\n Password\n Timezone") in *Omarchy*) present_terminal omarchy-update ;; *Config*) show_update_config_menu ;; *Themes*) present_terminal omarchy-theme-update ;; *Process*) show_update_process_menu ;; *Hardware*) show_update_hardware_menu ;; *Timezone*) omarchy-cmd-tzupdate ;; + *Password*) show_update_password_menu ;; *) show_main_menu ;; esac } @@ -368,6 +369,14 @@ show_update_hardware_menu() { esac } +show_update_password_menu() { + case $(menu "Update Password" " Drive Encryption\n User") in + *Drive*) present_terminal omarchy-drive-set-password ;; + *User*) present_terminal passwd ;; + *) show_update_menu ;; + esac +} + show_system_menu() { case $(menu "System" " Lock\n󱄄 Screensaver\n󰤄 Suspend\n Relaunch\n󰜉 Restart\n󰐥 Shutdown") in *Lock*) omarchy-lock-screen ;;