cryptomator
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 4 additions & 3 deletions b/‎.github/workflows/build.yml‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎Dockerfile‎
Lines changed: 13 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 66 additions & 12 deletions b/‎README.md‎
Lines changed: 66 additions & 12 deletions
diff --git a/‎pom.xml‎
Lines changed: 12 additions & 6 deletions b/‎pom.xml‎
Lines changed: 12 additions & 6 deletions
diff --git a/‎src/main/java/org/cryptomator/cli/Args.java‎
Lines changed: 36 additions & 10 deletions b/‎src/main/java/org/cryptomator/cli/Args.java‎
Lines changed: 36 additions & 10 deletions
@@ -7,6 +7,8 @@ jobs:
   build:
     name: Build and Test
     runs-on: ubuntu-latest
+    #This check is case insensitive
+    if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
     outputs:
       artifact-version: ${{ steps.setversion.outputs.version }}
     env:
@@ -15,7 +17,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions/setup-java@v1
         with:
-          java-version: 14
+          java-version: 17
       - uses: actions/cache@v1
         with:
           path: ~/.m2/repository
@@ -29,8 +31,7 @@ jobs:
         id: setversion
         run: |
           v=$(mvn help:evaluate "-Dexpression=project.version" -q -DforceStdout)
-          echo "::set-env name=BUILD_VERSION::${v}"
-          echo "::set-output name=version::${v}"
+          echo "BUILD_VERSION=${v}" >> $GITHUB_ENV
       - name: Build and Test
         run: mvn -B install
       - name: Upload snapshot artifact cryptomator-cli-${{ env.BUILD_VERSION }}.jar
 
@@ -0,0 +1,13 @@
+FROM alpine:3.12.0
+
+ARG CRYPTOMATOR_CLI_VERSION=0.4.0
+
+RUN adduser -D cryptomator && \
+    apk add --no-cache openjdk11-jre-headless && \
+    wget https://github.com/cryptomator/cli/releases/download/$CRYPTOMATOR_CLI_VERSION/cryptomator-cli-$CRYPTOMATOR_CLI_VERSION.jar -O /usr/bin/cryptomator.jar
+
+USER cryptomator
+
+VOLUME ["/vaults"]
+
+ENTRYPOINT ["java", "-jar", "/usr/bin/cryptomator.jar"]
@@ -3,62 +3,116 @@
 
 # Cryptomator CLI
 
-This is a minimal command-line program that unlocks vaults which can then be accessed via an embedded WebDAV server.
+This is a minimal command-line application that unlocks vaults of vault format 8.
+After unlocking the vaults, its vault content can be accessed via an embedded WebDAV server.
+The minimum required Java version is JDK 17.
 
 ## Disclaimer
 
-This project is in an early stage and not ready for production use. We recommend to use it only for testing and evaluation purposes.
+:warning: This project is in an early stage and not ready for production use. We recommend using it only for testing and evaluation purposes.
 
 ## Download and Usage
 
-Download the jar file via [GitHub Releases](https://github.com/cryptomator/cli/releases).
+Download the JAR file via [GitHub Releases](https://github.com/cryptomator/cli/releases).
 
-Cryptomator CLI requires that at least JDK 11 is present on your system.
+Cryptomator CLI requires that at least JDK 17 is present on your system.
 
 ```sh
 java -jar cryptomator-cli-x.y.z.jar \
     --vault demoVault=/path/to/vault --password demoVault=topSecret \
     --vault otherVault=/path/to/differentVault --passwordfile otherVault=/path/to/fileWithPassword \
+    --vault thirdVault=/path/to/thirdVault  \
     --bind 127.0.0.1 --port 8080
-# you can now mount http://localhost:8080/demoVault/
+# You can now mount http://localhost:8080/demoVault/
+# The password for the third vault is read from stdin
+# Be aware that passing the password on the command-line typically makes it visible to anyone on your system!
 ```
 
-Then you can access the vault using any WebDAV client.
+## Filesystem Integration
+
+Once the vault is unlocked and the WebDAV server started, you can access the vault by any WebDAV client or directly mounting it in your filesystem.
+
+### Windows via Windows Explorer
+
+Open the File Explorer, right click on "This PC" and click on the menu item "Map network drive...".
+
+1. In the Drive list, select a drive letter. (Any available letter will do.)
+2. In the Folder box, enter the URL logged by the Cryptomator CLI application.
+3. Select Finish.
 
 ### Linux via davfs2
 
-First, you need to create a mount point for your vault
+First, you need to create a mount point for your vault:
 
 ```sh
 sudo mkdir /media/your/mounted/folder
 ```
 
-Then you can mount the vault
+Then you can mount the vault:
 
 ```sh
-sudo mount -t davfs http://localhost:8080/demoVault/ /media/your/mounted/folder
+echo | sudo mount -t davfs -o username=,user,gid=1000,uid=1000 http://localhost:8080/demoVault/ /media/your/mounted/folder
+# Replace gid/uid with your gid/uid. The echo is used to skip over the password query from davfs
 ```
 
-To unmount the vault, run
+To unmount the vault, run:
 
 ```sh
 sudo umount /media/your/mounted/folder
 ```
 
 ### macOS via AppleScript
 
-Mount the vault with
+Mount the vault with:
 
 ```sh
 osascript -e 'mount volume "http://localhost:8080/demoVault/"'
 ```
 
-Unmount the vault with
+Unmount the vault with:
 
 ```sh
 osascript -e 'tell application "Finder" to if "demoVault" exists then eject "demoVault"'
 ```
 
+## Using as a Docker image
+
+### Bridge Network with Port Forwarding
+
+:warning: **WARNING: This approach should only be used to test the containerized approach, not in production.** :warning:
+
+The reason is that with port forwarding, you need to listen on all interfaces. Other devices on the network could also access your WebDAV server and potentially expose your secret files.
+
+Ideally, you would run this in a private Docker network with trusted containers built by yourself communicating with each other. **Again, the below example is for testing purposes only to understand how the container would behave in production.**
+
+```sh
+docker run --rm -p 8080:8080 \
+    -v /path/to/vault:/vaults/vault \
+    -v /path/to/differentVault:/vaults/differentVault \
+    -v /path/to/fileWithPassword:/passwordFile \
+    cryptomator/cli \
+    --bind 0.0.0.0 --port 8080 \
+    --vault demoVault=/vaults/vault --password demoVault=topSecret \
+    --vault otherVault=/vaults/differentVault --passwordfile otherVault=/passwordFile
+# You can now mount http://localhost:8080/demoVault/
+```
+
+### Host Network
+
+```sh
+docker run --rm --network=host \
+    -v /path/to/vault:/vaults/vault \
+    -v /path/to/differentVault:/vaults/differentVault \
+    -v /path/to/fileWithPassword:/passwordFile \
+    cryptomator/cli \
+    --bind 127.0.0.1 --port 8080 \
+    --vault demoVault=/vaults/vault --password demoVault=topSecret \
+    --vault otherVault=/vaults/differentVault --passwordfile otherVault=/passwordFile
+# You can now mount http://localhost:8080/demoVault/
+```
+
+Then you can access the vault using any WebDAV client.
+
 ## License
 
 This project is dual-licensed under the AGPLv3 for FOSS projects as well as a commercial license derived from the LGPL for independent software vendors and resellers. If you want to use this library in applications, that are *not* licensed under the AGPL, feel free to contact our [support team](https://cryptomator.org/help/).
@@ -2,18 +2,19 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.cryptomator</groupId>
 	<artifactId>cli</artifactId>
-	<version>0.4.0</version>
+	<version>0.5.0</version>
 	<name>Cryptomator CLI</name>
 	<description>Command line program to access encrypted files via WebDAV.</description>
 	<url>https://github.com/cryptomator/cli</url>
 
 	<properties>
-		<cryptofs.version>1.9.10</cryptofs.version>
-		<webdav-nio.version>1.0.11</webdav-nio.version>
-		<commons.cli.version>1.4</commons.cli.version>
-		<logback.version>1.2.3</logback.version>
+		<cryptofs.version>2.3.1</cryptofs.version>
+		<webdav-nio.version>1.2.6</webdav-nio.version>
+		<commons.cli.version>1.5.0</commons.cli.version>
+		<logback.version>1.2.9</logback.version>
+		<fuse-nio.version>1.3.3</fuse-nio.version>
 
-		<java.version>11</java.version>
+		<java.version>17</java.version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 	</properties>
 
@@ -46,6 +47,11 @@
 			<artifactId>webdav-nio-adapter</artifactId>
 			<version>${webdav-nio.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>fuse-nio-adapter</artifactId>
+			<version>${fuse-nio.version}</version>
+		</dependency>
 
 		<!-- Commons -->
 		<dependency>
 
@@ -8,6 +8,7 @@
  *******************************************************************************/
 package org.cryptomator.cli;
 
+import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.HashMap;
 import java.util.Map;
@@ -71,22 +72,43 @@ public class Args {
 				.valueSeparator() //
 				.hasArgs() //
 				.build());
+		OPTIONS.addOption(Option.builder() //
+				.longOpt("fusemount") //
+				.argName("mount point") //
+				.desc("Format must be vaultName=mountpoint") //
+				.valueSeparator() //
+				.hasArgs() //
+				.build());
 	}
 
 	private final String bindAddr;
 	private final int port;
+	private final boolean hasValidWebDavConfig;
 	private final Properties vaultPaths;
 	private final Properties vaultPasswords;
 	private final Properties vaultPasswordFiles;
 	private final Map<String, PasswordStrategy> passwordStrategies;
+	private final Properties fuseMountPoints;
 
 	public Args(CommandLine commandLine) throws ParseException {
-		this.bindAddr = commandLine.getOptionValue("bind", "localhost");
-		this.port = Integer.parseInt(commandLine.getOptionValue("port", "0"));
+		if (commandLine.hasOption("bind") && commandLine.hasOption("port")) {
+			hasValidWebDavConfig = true;
+			this.bindAddr = commandLine.getOptionValue("bind", "localhost");
+			this.port = Integer.parseInt(commandLine.getOptionValue("port", "0"));
+		} else {
+			hasValidWebDavConfig = false;
+			this.bindAddr = "";
+			this.port = -1;
+		}
 		this.vaultPaths = commandLine.getOptionProperties("vault");
 		this.vaultPasswords = commandLine.getOptionProperties("password");
 		this.vaultPasswordFiles = commandLine.getOptionProperties("passwordfile");
 		this.passwordStrategies = new HashMap<>();
+		this.fuseMountPoints = commandLine.getOptionProperties("fusemount");
+	}
+
+	public boolean hasValidWebDavConf() {
+		return hasValidWebDavConfig;
 	}
 
 	public String getBindAddr() {
@@ -118,15 +140,10 @@ public PasswordStrategy addPasswortStrategy(final String vaultName) {
 		PasswordStrategy passwordStrategy = new PasswordFromStdInputStrategy(vaultName);
 
 		if (vaultPasswords.getProperty(vaultName) != null) {
-			passwordStrategy = new PasswordFromPropertyStrategy(
-					vaultName,
-					vaultPasswords.getProperty(vaultName)
-			);
+			passwordStrategy = new PasswordFromPropertyStrategy(vaultName, vaultPasswords.getProperty(vaultName));
 		} else if (vaultPasswordFiles.getProperty(vaultName) != null) {
-			passwordStrategy = new PasswordFromFileStrategy(
-					vaultName,
-					Paths.get(vaultPasswordFiles.getProperty(vaultName))
-			);
+			passwordStrategy = new PasswordFromFileStrategy(vaultName,
+					Paths.get(vaultPasswordFiles.getProperty(vaultName)));
 		}
 
 		this.passwordStrategies.put(vaultName, passwordStrategy);
@@ -136,4 +153,13 @@ public PasswordStrategy addPasswortStrategy(final String vaultName) {
 	public PasswordStrategy getPasswordStrategy(final String vaultName) {
 		return passwordStrategies.get(vaultName);
 	}
+
+	public Path getFuseMountPoint(String vaultName) {
+		String mountPoint = fuseMountPoints.getProperty(vaultName);
+		if (mountPoint == null) {
+			return null;
+		}
+		Path mountPointPath = Paths.get(mountPoint);
+		return mountPointPath;
+	}
 }