fixes

app/vault/open

@@ -4,6 +4,7 @@ set -euo pipefail
 VAULT_FILE="/app/vault/host_vars.img"
 MAPPER_NAME="host_vars_crypt"
 MOUNT_POINT="/app/host_vars"
+LOOP_DEVICE="/dev/loop50"
 
 mkdir -p "$MOUNT_POINT"
 
@@ -13,19 +14,36 @@ if cryptsetup status "$MAPPER_NAME" >/dev/null 2>&1; then
     cryptsetup close "$MAPPER_NAME"
 fi
 
-# Open
+# Detach loop device if already in use
+if losetup "$LOOP_DEVICE" >/dev/null 2>&1; then
+    echo "Detaching stale loop device $LOOP_DEVICE..."
+    losetup -d "$LOOP_DEVICE"
+fi
+
+# Create loop device if missing
+if [ ! -e "$LOOP_DEVICE" ]; then
+    echo "Creating loop device $LOOP_DEVICE..."
+    mknod "$LOOP_DEVICE" b 7 50
+    chmod 660 "$LOOP_DEVICE"
+fi
+
+# Attach vault file to loop device
+echo "Attaching $VAULT_FILE to $LOOP_DEVICE..."
+losetup "$LOOP_DEVICE" "$VAULT_FILE"
+
+# Open encrypted volume
 echo "Opening encrypted volume..."
-cryptsetup open "$VAULT_FILE" "$MAPPER_NAME"
+cryptsetup open "$LOOP_DEVICE" "$MAPPER_NAME"
 
 # Format if needed
-if ! blkid /dev/mapper/"$MAPPER_NAME" >/dev/null 2>&1; then
+if ! blkid "/dev/mapper/$MAPPER_NAME" >/dev/null 2>&1; then
     echo "No filesystem found, creating ext4..."
-    mkfs.ext4 /dev/mapper/"$MAPPER_NAME"
+    mkfs.ext4 "/dev/mapper/$MAPPER_NAME"
 fi
 
 # Mount
 echo "Mounting at $MOUNT_POINT..."
-mount /dev/mapper/"$MAPPER_NAME" "$MOUNT_POINT"
+mount "/dev/mapper/$MAPPER_NAME" "$MOUNT_POINT"
 
 echo "Vault is mounted at $MOUNT_POINT"