From 2620282282e5ef52db3f4342bff28ad6247cded1 Mon Sep 17 00:00:00 2001 From: "committer@tuxwarrior" Date: Wed, 25 Feb 2026 08:23:35 -0500 Subject: [PATCH] wip --- README.md | 17 ++++---- docs/cryptLocal.md | 7 ++++ docs/gpg.md | 42 +++++++++++++++++++ dots/archinstall/common/packages.txt | 2 +- ...auto_startup.sh => UNSURE.auto_startup.sh} | 0 dots/bin/cryptomatorBackup.sh | 3 +- dots/bin/deploySshKeys.sh | 2 +- dots/bin/exportGpgKeysToSecrets.sh | 41 ++++++++++++++++++ dots/bin/importGnupgKeys.sh | 40 +++++++++--------- ...lectHandler.sh => lfMultiSelectHandler.sh} | 0 10 files changed, 123 insertions(+), 31 deletions(-) create mode 100644 docs/cryptLocal.md create mode 100644 docs/gpg.md rename dots/bin/{auto_startup.sh => UNSURE.auto_startup.sh} (100%) create mode 100755 dots/bin/exportGpgKeysToSecrets.sh rename dots/bin/{obsolete/obsolete.lfMultiSelectHandler.sh => lfMultiSelectHandler.sh} (100%) diff --git a/README.md b/README.md index 813af10..0b0380f 100644 --- a/README.md +++ b/README.md @@ -205,11 +205,12 @@ if the system runs nvidia, follow the steps in [nvidia.md](nvidia.md) to set up ## step eight :: post installation tasks - **KITTEN** - - `$ kitten themes 'paul millr'` + - `$ kitten themes 'cyberpunk neon'` - to list all themes: `$ kitten themes` - (search for `tropical` ➔ select `tropical neon` ➔ press `M` to modify kitten.conf and start using the theme) - - selected themes: + - favourite themes (as of feb 26): - dark background + - `kitten themes 'default'` - `kitten themes 'adwaita darker'` - `kitten themes 'encom'` - `kitten themes 'hachiko'` @@ -217,16 +218,16 @@ if the system runs nvidia, follow the steps in [nvidia.md](nvidia.md) to set up - `kitten themes 'vibrant ink'` - `kitten themes 'wez'` - other dark themes - - `kitten themes '1984 dark'` - - `kitten themes 'box'` - - `kitten themes 'copland os'` - `kitten themes 'cyberpunk neon'` - - `kitten themes 'default'` - `kitten themes 'falcon'` - - `kitten themes 'neowave'` - - `kitten themes 'papercolor dark'` + - `kitten themes '1984 dark'` + - `kitten themes 'copland os'` - `kitten themes 'tropical neon'` - `kitten themes 'ubuntu'` + - `kitten themes 'neowave'` + - `kitten themes 'box'` + + - `kitten themes 'papercolor dark'` - **VSCODIUM** - **local sync** - open extensions and search for `local sync` diff --git a/docs/cryptLocal.md b/docs/cryptLocal.md new file mode 100644 index 0000000..4324a32 --- /dev/null +++ b/docs/cryptLocal.md @@ -0,0 +1,7 @@ +[ CRYPTLOCAL :: FRODE KLEVSTUL :: NOV 2025 ] + +This vault, "cryptLocal", is the MASTER vault where files are kept up-to-date. + +Changes are "pushed" to the "cryptCloud" vault, which is in the time of writing hosted with pCloud. This is done for backup purposes. + +To push the changes, open the "crypCloud" vault using Cryptomator. Then, execute 'pushToCryptCloud.sh'. diff --git a/docs/gpg.md b/docs/gpg.md new file mode 100644 index 0000000..1d4dc5d --- /dev/null +++ b/docs/gpg.md @@ -0,0 +1,42 @@ +# GENERATION OF LATEST KEYS + +src: https://cets.seas.upenn.edu/answers/pgp_keys.html & https://dev.to/adityabhuyan/how-to-generate-your-own-public-and-secret-keys-for-pgp-encryption-1joh ➔ + +``` +gpg --gen-key + Real name: Frode Klevstul + Email address: frode@klevstul.com + + gpg: revocation certificate stored as '/home/poq/.gnupg/openpgp-revocs.d/2C6781ED21DF77ADA325BB8F7B048108A509A75D.rev' + public and secret key created and signed. + + pub ed25519 2025-11-10 [SC] [expires: 2028-11-09] + 2C6781ED21DF77ADA325BB8F7B048108A509A75D + uid Frode Klevstul + sub cv25519 2025-11-10 [E] [expires: 2028-11-09] +``` + +### EXPORTING KEYS TO CRYPTLOCAL + +``` +cp -r /home/poq/.gnupg/openpgp-revocs.d/2C6781ED21DF77ADA325BB8F7B048108A509A75D.rev /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg +cd /home/poq/.gnupg/ +gpg --armor --export frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_publicKey.asc +gpg --armor --export-secret-keys frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_privateKey.asc +``` + +### EXPORTING KEYS TO SECRETS + +- open/mount cryptLocal +- `exportGpgKeysToSecrets.sh` + + +### APPENDIX + +#### old way to backup keys + +``` +gpg --export --export-options backup --output public.gpg frode@thisworld.is +gpg --export-secret-keys --export-options backup --output private.gpg frode@thisworld.is +``` +ref: https://www.howtogeek.com/816878/how-to-back-up-and-restore-gpg-keys-on-linux/ diff --git a/dots/archinstall/common/packages.txt b/dots/archinstall/common/packages.txt index 973f4f0..1d47e89 100644 --- a/dots/archinstall/common/packages.txt +++ b/dots/archinstall/common/packages.txt @@ -65,7 +65,7 @@ aur:yt-dlp-git # cli downloader - youtube-dl fork #aur:ctpv # lf file previewer #aur:megacmd # mega cli -fd # user-friendly alternative to find +fd # user-friendly alternative to find | https://github.com/sharkdp/fd #zed # code editor ufw # cli tool for managing a netfilter firewall superfile # terminal file manager diff --git a/dots/bin/auto_startup.sh b/dots/bin/UNSURE.auto_startup.sh similarity index 100% rename from dots/bin/auto_startup.sh rename to dots/bin/UNSURE.auto_startup.sh diff --git a/dots/bin/cryptomatorBackup.sh b/dots/bin/cryptomatorBackup.sh index 8e21e22..91f4e19 100755 --- a/dots/bin/cryptomatorBackup.sh +++ b/dots/bin/cryptomatorBackup.sh @@ -3,12 +3,11 @@ # klevstul :: 26.02.24 -# make sure cryptLocal is mounted and available - src_dir=/home/poq/.local/share/Cryptomator/mnt/cryptLocal tmp_dir=/tmp trg_dir=/home/poq/syncDir/0_downloads +# make sure cryptLocal is mounted and available if ! [ -d "$src_dir" ] then echo "missing source directory:" diff --git a/dots/bin/deploySshKeys.sh b/dots/bin/deploySshKeys.sh index f66eeb9..ffd06a2 100755 --- a/dots/bin/deploySshKeys.sh +++ b/dots/bin/deploySshKeys.sh @@ -49,7 +49,7 @@ if [[ ${user_input} == "y" ]]; then echo "please, remember the hint: poq.l2" for file in ${src_ssh_dir}/*.gpg; do - echo "processing '$file'" + echo "processing '${file}'" filename="${file##*/}" # get basename filename="${filename%.*}" # remove extension diff --git a/dots/bin/exportGpgKeysToSecrets.sh b/dots/bin/exportGpgKeysToSecrets.sh new file mode 100755 index 0000000..c745f9b --- /dev/null +++ b/dots/bin/exportGpgKeysToSecrets.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + +# klevstul :: 26.02.25 + + +src_dir=/home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg +tmp_dir=/tmp +trg_dir=/home/poq/syncDir/secrets/gnupg + +# make sure the dirs are available +if ! [ -d "$src_dir" ] +then + echo "" + echo "ERROR: can not open '$src_dir'! is the cryptLocal vault mounted?" + echo "" + exit +fi + +if ! [ -d "$trg_dir" ] +then + echo "" + echo "ERROR: can not open '$trg_dir'!" + echo "" + exit +fi + +# zip the content +timestamp=$(date +%y%m%d) +zip_file=${tmp_dir}/${timestamp}_gnupgKeys.zip +zip -r "${zip_file}" "${src_dir}/" -i "*.asc" + +# gpg encrypt the content +gpg --encrypt --sign --recipient frode@klevstul.com "${zip_file}" + +# delete the .zip file +srm -v "${zip_file}" + +# move the .gpg file to the target dir +mv "${zip_file}.gpg" "${trg_dir}/" + +ls -al "${trg_dir}/" diff --git a/dots/bin/importGnupgKeys.sh b/dots/bin/importGnupgKeys.sh index 1459556..18b773c 100755 --- a/dots/bin/importGnupgKeys.sh +++ b/dots/bin/importGnupgKeys.sh @@ -1,31 +1,33 @@ #!/usr/bin/env bash -# klevstul :: 24.06 +# klevstul :: 24.06 :: docs: docs/gpg.md -# --------------------------------------------------------------------------------------------------------------------- -# how to backup gpg: -# -# new method: -# cp /home/poq/.gnupg/ -# gpg --armor --export frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_publicKey.asc -# gpg --armor --export-secret-keys frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_privateKey.asc -# -# old method: -# gpg --export --export-options backup --output public.gpg frode@thisworld.is -# gpg --export-secret-keys --export-options backup --output private.gpg frode@thisworld.is -# ref: https://www.howtogeek.com/816878/how-to-back-up-and-restore-gpg-keys-on-linux/ -# --------------------------------------------------------------------------------------------------------------------- +src_dir=/home/poq/syncDir/secrets/gnupg +tmp_dir=/tmp this_file_name=`basename "$0"` echo "$this_file_name" echo "please, remember the hint: poq.l2" -# location of ssh keys -syncdir_env_var=SYNCDIR_${HOSTNAME} -src_gnupg_dir=${!syncdir_env_var}/secrets/gnupg +# copy .zip.gpg to tmp dir +cp ${src_dir}/*.zip.gpg ${tmp_dir} -gpg --import ${src_gnupg_dir}/*publicKey.asc -gpg --import ${src_gnupg_dir}/*privateKey.asc +# decrypt .gpg +gpg --decrypt --output ${tmp_dir}/gpgKeys.zip ${tmp_dir}/*.zip.gpg + +# extract .zip +unzip -j -d ${tmp_dir} ${tmp_dir}/gpgKeys.zip + +# delete decrypted zip file +srm -v ${tmp_dir}/gpgKeys.zip + +# import keys +for file in ${tmp_dir}/*.asc; do + echo "processing '${file}'" + + gpg --import ${file} + trash-put ${file} +done gpg --list-secret-keys --keyid-format LONG diff --git a/dots/bin/obsolete/obsolete.lfMultiSelectHandler.sh b/dots/bin/lfMultiSelectHandler.sh similarity index 100% rename from dots/bin/obsolete/obsolete.lfMultiSelectHandler.sh rename to dots/bin/lfMultiSelectHandler.sh