## Store your Password in the OSX Keychain

Open the Terminal app and enter
```shell
security add-generic-password -a ${USER} -s gocryptfs -w
```
Type or paste in your gocryptfs password when prompted.


## Create the launchd daemon plist file
Now launch the text editor of your choice like Textmate and copy and paste this code:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<!--	<key>StandardErrorPath</key>
	<string>/Users/your-username/debug.log</string>
	<key>Debug</key>
	<true/>
-->
	<key>KeepAlive</key>
	<dict>
		<key>Crashed</key>
		<true/>
	</dict>
	<key>Label</key>
	<string>gocryptfs.start</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/local/bin/gocryptfs</string>
		<string>--extpass=&quot;security find-generic-password -s gocryptfs -w&quot;</string>
		<string>/Users/your-username/path/to/encrypted/folder</string>
		<string>/Users/your-username/path/to/plain/folder</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
</dict>
</plist>
```

You need to replace some values:
* `your-username`: Replace this with your real username. If you are unsure what your username is, open the Terminal app and type `echo $USER` and hit enter. The Terminal will output your username.
* `/path/to/encrypted/folder`: Replace this with the real location of your encrypted files. I assume here that your files are located somewhere in the user's home directory. If your files are located for instance on an external drive please replace the full path `/Users/your-username/path/to/encrypted/folder`
* `/path/to/plain/folder`: Similar to the encrypted folder you have to enter the location of the folder where your unencrypted files should be shown.

Save the editor content as a *.plist file under `~/Library/LaunchAgents/gocryptfs.plist`

Log out and log in again to see if it works.
If you have issues getting it working, you can remove the comments (`<!--` and `-->`) from debugging section. Don't forget to adjust the location of the debug log file. If you now re-login you will get some information in the log file that might help to resolve your issues.

You may also have to remove `&quot;` in the line pertaining to the `--extpass` argument, which then becomes:
```
<string>--extpass=security find-generic-password -s gocryptfs -w</string>
```

## How to activate Spotlight search on the mounted volume
In the template plist file above, between the line containing the `--extpass` string and the line containing `/path/to/encrypted/folder`, insert the following lines:
```
		<string>-allow_other</string>
		<string>-ko</string>
		<string>local</string>
```

Then, when the volume is mounted, run the following command:
```
mdutil -i on /Users/your-username/path/to/plain/folder
``` 

If you then run `mdutil -sa`, it should display a list of volumes, including the mounted volume followed by the status `Indexing enabled`.

Indexing can take a few hours. You can click on Spotlight icon on the tray and type a few letters to see the indexing progress bar.