#!/bin/bash

## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

set -x
set -o errexit
set -o nounset
set -o pipefail
set -o errtrace
shopt -s inherit_errexit

sudo mkdir --parents -- /mnt/disk

sudo chown --recursive user:user -- /mnt/disk

sudo cryptsetup luksOpen /dev/xvdi disk

sudo mount /dev/mapper/disk /mnt/disk

## `test -w FILE` requires FILE to exist; testing a sentinel file
## (testfile) inside the mount also assumes someone created it
## first. Check the mount point itself instead - if /mnt/disk is
## writable, the encrypted volume is mounted and accepting writes.
test -w /mnt/disk
