Add script for rekeying sekrit store
This commit is contained in:
parent
649ead1257
commit
78c51d09c7
46
utils/scripts/sekrit-rekey.sh
Normal file
46
utils/scripts/sekrit-rekey.sh
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
usage()
|
||||||
|
{
|
||||||
|
printf "Usage: %s newkey\n" "${0##*/}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
err()
|
||||||
|
{
|
||||||
|
printf "%s: %s\n" "${0##*/}" "$*" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
newsekrit()
|
||||||
|
{
|
||||||
|
SEKRIT_DIR="$newdir" SEKRIT_GPG_ID="$newkey" sekrit "$@"
|
||||||
|
}
|
||||||
|
|
||||||
|
[ $# -eq 1 ] || usage
|
||||||
|
newkey=$1
|
||||||
|
gpg2 -k "$newkey" >/dev/null || err "Can't find key \"$newkey\""
|
||||||
|
|
||||||
|
umask 077
|
||||||
|
newdir=$(mktemp -dt sekrit-XXXXXXXXXX) ||
|
||||||
|
err "Failed to create temporary directory"
|
||||||
|
scratch=$(mktemp -tp "$newdir" .sekrit-scratch-XXXXXXXXXX) ||
|
||||||
|
err "Failed to create scratch file"
|
||||||
|
trap 'rm -fr -- "$scratch" "$newdir"' INT QUIT TERM
|
||||||
|
|
||||||
|
for entry in $(sekrit ls | grep -v ^DONE); do
|
||||||
|
printf "%s... " "$entry"
|
||||||
|
sekrit get "$entry" >|"$scratch" ||
|
||||||
|
err "Failed to export entry \"$entry\""
|
||||||
|
newsekrit add "$entry" <"$scratch" ||
|
||||||
|
err "Failed to import entry \"$entry\""
|
||||||
|
printf "OK\n"
|
||||||
|
done
|
||||||
|
rm -f "$scratch"
|
||||||
|
|
||||||
|
outdir=sekrit-rekey-$(date +%Y%m%d)
|
||||||
|
if mv "$newdir" "$outdir"; then
|
||||||
|
finaldir=$outdir
|
||||||
|
else
|
||||||
|
finaldir=$newdir
|
||||||
|
fi
|
||||||
|
printf "New sekrit store can be found at %s\n" "$finaldir"
|
Loading…
Reference in New Issue
Block a user