env/utils/scripts/sekrit-rekey.sh

#!/bin/sh
# env
# Written in 2020 by Lucas
# CC0 1.0 Universal/Public domain - No rights reserved
#
# To the extent possible under law, the author(s) have dedicated all
# copyright and related and neighboring rights to this software to the
# public domain worldwide. This software is distributed without any
# warranty. You should have received a copy of the CC0 Public Domain
# Dedication along with this software. If not, see
# <http://creativecommons.org/publicdomain/zero/1.0/>.

usage()
{
	printf "Usage: %s newkey\n" "${0##*/}" >&2
	exit 1
}

err()
{
	printf "%s: %s\n" "${0##*/}" "$*" >&2
	exit 1
}

newsekrit()
{
	SEKRIT_DIR="$newdir" SEKRIT_GPG_ID="$newkey" sekrit "$@"
}

[ $# -eq 1 ] || usage
newkey=$1
gpg2 -k "$newkey" >/dev/null || err "can't find key $newkey"

umask 077
newdir=$(mktemp -dt sekrit-XXXXXXXXXX) ||
    err "failed to create temporary directory"
scratch=$(mktemp -tp "$newdir" .sekrit-scratch-XXXXXXXXXX) ||
    err "failed to create scratch file"
trap 'rm -fr -- "$scratch" "$newdir"' INT QUIT TERM

for entry in $(sekrit ls | grep -v ^DONE); do
	printf "%s... " "$entry"
	sekrit get "$entry" >|"$scratch" ||
	    err "failed to export entry $entry"
	newsekrit add "$entry" <"$scratch" ||
	    err "failed to import entry $entry"
	printf "OK\n"
done
rm -f "$scratch"

outdir=sekrit-rekey-$(date +%Y%m%d)
if mv "$newdir" "$outdir"; then
	finaldir=$outdir
else
	finaldir=$newdir
fi
printf "New sekrit store can be found at %s\n" "$finaldir"
Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00			`#!/bin/sh`
Align shell style all over the repo 2020-05-03 16:47:27 +02:00			`# env`
			`# Written in 2020 by Lucas`
			`# CC0 1.0 Universal/Public domain - No rights reserved`
			`#`
			`# To the extent possible under law, the author(s) have dedicated all`
			`# copyright and related and neighboring rights to this software to the`
			`# public domain worldwide. This software is distributed without any`
			`# warranty. You should have received a copy of the CC0 Public Domain`
			`# Dedication along with this software. If not, see`
			`# <http://creativecommons.org/publicdomain/zero/1.0/>.`

Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00			`usage()`
			`{`
			`printf "Usage: %s newkey\n" "${0##*/}" >&2`
			`exit 1`
			`}`

			`err()`
			`{`
			`printf "%s: %s\n" "${0##/}" "$" >&2`
			`exit 1`
			`}`

			`newsekrit()`
			`{`
			`SEKRIT_DIR="$newdir" SEKRIT_GPG_ID="$newkey" sekrit "$@"`
			`}`

			`[ $# -eq 1 ] \|\| usage`
			`newkey=$1`
Align shell style all over the repo 2020-05-03 16:47:27 +02:00			`gpg2 -k "$newkey" >/dev/null \|\| err "can't find key $newkey"`
Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00
			`umask 077`
			`newdir=$(mktemp -dt sekrit-XXXXXXXXXX) \|\|`
Align shell style all over the repo 2020-05-03 16:47:27 +02:00			`err "failed to create temporary directory"`
Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00			`scratch=$(mktemp -tp "$newdir" .sekrit-scratch-XXXXXXXXXX) \|\|`
Align shell style all over the repo 2020-05-03 16:47:27 +02:00			`err "failed to create scratch file"`
Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00			`trap 'rm -fr -- "$scratch" "$newdir"' INT QUIT TERM`

			`for entry in $(sekrit ls \| grep -v ^DONE); do`
			`printf "%s... " "$entry"`
			`sekrit get "$entry" >\|"$scratch" \|\|`
Align shell style all over the repo 2020-05-03 16:47:27 +02:00			`err "failed to export entry $entry"`
Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00			`newsekrit add "$entry" <"$scratch" \|\|`
Align shell style all over the repo 2020-05-03 16:47:27 +02:00			`err "failed to import entry $entry"`
Add script for rekeying sekrit store 2020-03-22 02:48:10 +01:00			`printf "OK\n"`
			`done`
			`rm -f "$scratch"`

			`outdir=sekrit-rekey-$(date +%Y%m%d)`
			`if mv "$newdir" "$outdir"; then`
			`finaldir=$outdir`
			`else`
			`finaldir=$newdir`
			`fi`
			`printf "New sekrit store can be found at %s\n" "$finaldir"`