2020-03-22 02:48:10 +01:00
|
|
|
#!/bin/sh
|
2020-05-03 16:47:27 +02:00
|
|
|
# env
|
2022-01-16 15:23:14 +01:00
|
|
|
# Written in 2020,2022 by Lucas
|
2020-05-03 16:47:27 +02:00
|
|
|
# CC0 1.0 Universal/Public domain - No rights reserved
|
|
|
|
#
|
|
|
|
# To the extent possible under law, the author(s) have dedicated all
|
|
|
|
# copyright and related and neighboring rights to this software to the
|
|
|
|
# public domain worldwide. This software is distributed without any
|
|
|
|
# warranty. You should have received a copy of the CC0 Public Domain
|
|
|
|
# Dedication along with this software. If not, see
|
|
|
|
# <http://creativecommons.org/publicdomain/zero/1.0/>.
|
|
|
|
|
2020-03-22 02:48:10 +01:00
|
|
|
usage()
|
|
|
|
{
|
|
|
|
printf "Usage: %s newkey\n" "${0##*/}" >&2
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
err()
|
|
|
|
{
|
|
|
|
printf "%s: %s\n" "${0##*/}" "$*" >&2
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
newsekrit()
|
|
|
|
{
|
|
|
|
SEKRIT_DIR="$newdir" SEKRIT_GPG_ID="$newkey" sekrit "$@"
|
|
|
|
}
|
|
|
|
|
|
|
|
[ $# -eq 1 ] || usage
|
|
|
|
newkey=$1
|
2020-05-03 16:47:27 +02:00
|
|
|
gpg2 -k "$newkey" >/dev/null || err "can't find key $newkey"
|
2020-03-22 02:48:10 +01:00
|
|
|
|
|
|
|
umask 077
|
|
|
|
newdir=$(mktemp -dt sekrit-XXXXXXXXXX) ||
|
2020-05-03 16:47:27 +02:00
|
|
|
err "failed to create temporary directory"
|
2020-03-22 02:48:10 +01:00
|
|
|
scratch=$(mktemp -tp "$newdir" .sekrit-scratch-XXXXXXXXXX) ||
|
2020-05-03 16:47:27 +02:00
|
|
|
err "failed to create scratch file"
|
2020-03-22 02:48:10 +01:00
|
|
|
trap 'rm -fr -- "$scratch" "$newdir"' INT QUIT TERM
|
|
|
|
|
2024-02-05 17:06:50 +01:00
|
|
|
sekrit ls | while IFS= read -r entry; do
|
2020-03-22 02:48:10 +01:00
|
|
|
printf "%s... " "$entry"
|
|
|
|
sekrit get "$entry" >|"$scratch" ||
|
2020-05-03 16:47:27 +02:00
|
|
|
err "failed to export entry $entry"
|
2020-03-22 02:48:10 +01:00
|
|
|
newsekrit add "$entry" <"$scratch" ||
|
2020-05-03 16:47:27 +02:00
|
|
|
err "failed to import entry $entry"
|
2020-03-22 02:48:10 +01:00
|
|
|
printf "OK\n"
|
|
|
|
done
|
|
|
|
rm -f "$scratch"
|
|
|
|
|
|
|
|
outdir=sekrit-rekey-$(date +%Y%m%d)
|
|
|
|
if mv "$newdir" "$outdir"; then
|
|
|
|
finaldir=$outdir
|
|
|
|
else
|
|
|
|
finaldir=$newdir
|
|
|
|
fi
|
|
|
|
printf "New sekrit store can be found at %s\n" "$finaldir"
|