#!/bin/bash

set -e
[ -z "${1}" ] && exit 1
device="${1}"
echo "Make sure that your filesystem on ${device} is at least 2 MegaByte smaller"
echo "than the partition it resides on! Otherwise this procedure will kill your"
echo "data FOREVER!"
echo
echo "You can achieve this with the 'resize' commands:"
echo "- resize2fs for ext2 filesystems"
echo "- resize_reiserfs for reiserfs filesystems"
echo
read -p "Press Enter to continue or ^C to stop"

blocksize="$( blockdev --getsize ${device} )"
echo " 0 $(( ${blocksize} - 1032 )) linear ${device} 1032 " | dmsetup create ${device//\//_}
for x in $( seq $(( ${blocksize} / 1032 - 2 )) -1 0 ) ; do
	echo -en "\r$(( ( ${blocksize} / 1032 - 2 ) - ${x} )) / $(( ${blocksize} / 1032 - 2 ))"
	dd if=${device} of=/dev/mapper/${device//\//_} bs=$(( 1032 * 512 )) count=1 skip=${x} seek=${x} 2>/dev/null
done
echo
echo
echo "I'm now going to start the LUKS encryption. You will need to enter a passphrase"
echo "three times:"
echo "First for setting up LUKS"
echo "Second for confirmation of the passphrase"
echo "Third to actually start up the encrypted device"

cryptsetup luksFormat ${device}

cryptsetup luksOpen ${device} ${device//\//_}_encrypted

dd if=/dev/mapper/${device//\//_} of=/dev/mapper/${device//\//_}_encrypted bs=1M

dmsetup remove ${device//\//_}
echo "Your encrypted filesystem is now ready in"
echo "/dev/mapper/${device//\//_}_encrypted and can be used according to the"
echo "LUKS documentation."
echo