wip

README.md

@@ -205,11 +205,12 @@ if the system runs nvidia, follow the steps in [nvidia.md](nvidia.md) to set up
 ## step eight :: post installation tasks
 
 - **KITTEN**
-  - `$ kitten themes 'paul millr'`
+  - `$ kitten themes 'cyberpunk neon'`
     - to list all themes: `$ kitten themes`
       - (search for `tropical` ➔ select `tropical neon` ➔ press `M` to modify kitten.conf and start using the theme)
-    - selected themes:
+    - favourite themes (as of feb 26):
       - dark background
+        - `kitten themes 'default'`
         - `kitten themes 'adwaita darker'`
         - `kitten themes 'encom'`
         - `kitten themes 'hachiko'`
@@ -217,16 +218,16 @@ if the system runs nvidia, follow the steps in [nvidia.md](nvidia.md) to set up
         - `kitten themes 'vibrant ink'`
         - `kitten themes 'wez'`
       - other dark themes
-        - `kitten themes '1984 dark'`
-        - `kitten themes 'box'`
-        - `kitten themes 'copland os'`
         - `kitten themes 'cyberpunk neon'`
-        - `kitten themes 'default'`
         - `kitten themes 'falcon'`
-        - `kitten themes 'neowave'`
+        - `kitten themes '1984 dark'`
-        - `kitten themes 'papercolor dark'`
+        - `kitten themes 'copland os'`
         - `kitten themes 'tropical neon'`
         - `kitten themes 'ubuntu'`
+        - `kitten themes 'neowave'`
+        - `kitten themes 'box'`
+
+        - `kitten themes 'papercolor dark'`
 - **VSCODIUM**
   - **local sync**
   - open extensions and search for `local sync`

docs/cryptLocal.md

@@ -0,0 +1,7 @@
+[ CRYPTLOCAL :: FRODE KLEVSTUL :: NOV 2025 ]
+
+This vault, "cryptLocal", is the MASTER vault where files are kept up-to-date.
+
+Changes are "pushed" to the "cryptCloud" vault, which is in the time of writing hosted with pCloud. This is done for backup purposes.
+
+To push the changes, open the "crypCloud" vault using Cryptomator. Then, execute 'pushToCryptCloud.sh'.

docs/gpg.md

@@ -0,0 +1,42 @@
+# GENERATION OF LATEST KEYS
+
+src: https://cets.seas.upenn.edu/answers/pgp_keys.html & https://dev.to/adityabhuyan/how-to-generate-your-own-public-and-secret-keys-for-pgp-encryption-1joh ➔
+
+```
+gpg --gen-key
+  Real name: Frode Klevstul
+  Email address: frode@klevstul.com
+
+  gpg: revocation certificate stored as '/home/poq/.gnupg/openpgp-revocs.d/2C6781ED21DF77ADA325BB8F7B048108A509A75D.rev'
+  public and secret key created and signed.
+
+  pub   ed25519 2025-11-10 [SC] [expires: 2028-11-09]
+        2C6781ED21DF77ADA325BB8F7B048108A509A75D
+  uid                      Frode Klevstul <frode@klevstul.com>
+  sub   cv25519 2025-11-10 [E] [expires: 2028-11-09]
+```
+
+### EXPORTING KEYS TO CRYPTLOCAL
+
+```
+cp -r /home/poq/.gnupg/openpgp-revocs.d/2C6781ED21DF77ADA325BB8F7B048108A509A75D.rev /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg
+cd /home/poq/.gnupg/
+gpg --armor --export frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_publicKey.asc
+gpg --armor --export-secret-keys frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_privateKey.asc
+```
+
+### EXPORTING KEYS TO SECRETS
+
+- open/mount cryptLocal
+- `exportGpgKeysToSecrets.sh`
+
+
+### APPENDIX
+
+#### old way to backup keys
+
+```
+gpg --export --export-options backup --output public.gpg frode@thisworld.is
+gpg --export-secret-keys --export-options backup --output private.gpg frode@thisworld.is
+```
+ref: https://www.howtogeek.com/816878/how-to-back-up-and-restore-gpg-keys-on-linux/

dots/archinstall/common/packages.txt

@@ -65,7 +65,7 @@ aur:yt-dlp-git                          # cli downloader - youtube-dl fork
 #aur:ctpv                                # lf file previewer
 #aur:megacmd                             # mega cli
 
-fd                                      # user-friendly alternative to find
+fd                                      # user-friendly alternative to find | https://github.com/sharkdp/fd
 #zed                                     # code editor
 ufw                                     # cli tool for managing a netfilter firewall
 superfile                               # terminal file manager

dots/bin/cryptomatorBackup.sh

@@ -3,12 +3,11 @@
 # klevstul :: 26.02.24
 
 
-# make sure cryptLocal is mounted and available
-
 src_dir=/home/poq/.local/share/Cryptomator/mnt/cryptLocal
 tmp_dir=/tmp
 trg_dir=/home/poq/syncDir/0_downloads
 
+# make sure cryptLocal is mounted and available
 if ! [ -d "$src_dir" ]
 then
   echo "missing source directory:"

dots/bin/deploySshKeys.sh

@@ -49,7 +49,7 @@ if [[ ${user_input} == "y" ]]; then
      echo "please, remember the hint: poq.l2"
 
     for file in ${src_ssh_dir}/*.gpg; do
-        echo "processing '$file'"
+        echo "processing '${file}'"
 
         filename="${file##*/}"                          # get basename
         filename="${filename%.*}"                       # remove extension

dots/bin/exportGpgKeysToSecrets.sh

@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+# klevstul :: 26.02.25
+
+
+src_dir=/home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg
+tmp_dir=/tmp
+trg_dir=/home/poq/syncDir/secrets/gnupg
+
+# make sure the dirs are available
+if ! [ -d "$src_dir" ]
+then
+  echo ""
+  echo "ERROR: can not open '$src_dir'! is the cryptLocal vault mounted?"
+  echo ""
+  exit
+fi
+
+if ! [ -d "$trg_dir" ]
+then
+  echo ""
+  echo "ERROR: can not open '$trg_dir'!"
+  echo ""
+  exit
+fi
+
+# zip the content
+timestamp=$(date +%y%m%d)
+zip_file=${tmp_dir}/${timestamp}_gnupgKeys.zip
+zip -r "${zip_file}" "${src_dir}/" -i "*.asc"
+
+# gpg encrypt the content
+gpg --encrypt --sign --recipient frode@klevstul.com "${zip_file}"
+
+# delete the .zip file
+srm -v "${zip_file}"
+
+# move the .gpg file to the target dir
+mv "${zip_file}.gpg" "${trg_dir}/"
+
+ls -al "${trg_dir}/"

dots/bin/importGnupgKeys.sh

@@ -1,31 +1,33 @@
 #!/usr/bin/env bash
 
-# klevstul :: 24.06
+# klevstul :: 24.06 :: docs: docs/gpg.md
 
-# ---------------------------------------------------------------------------------------------------------------------
+src_dir=/home/poq/syncDir/secrets/gnupg
-# how to backup gpg:
+tmp_dir=/tmp
-#
-# new method:
-#   cp /home/poq/.gnupg/
-#   gpg --armor --export frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_publicKey.asc
-#   gpg --armor --export-secret-keys frode@klevstul.com > /home/poq/.local/share/Cryptomator/mnt/cryptLocal/content/keys/openPgp/.gnupg/251110_frodeKlevstul_privateKey.asc
-#
-# old method:
-#   gpg --export --export-options backup --output public.gpg frode@thisworld.is
-#   gpg --export-secret-keys --export-options backup --output private.gpg frode@thisworld.is
-#   ref: https://www.howtogeek.com/816878/how-to-back-up-and-restore-gpg-keys-on-linux/
-# ---------------------------------------------------------------------------------------------------------------------
 
 this_file_name=`basename "$0"`
 echo "$this_file_name"
 
 echo "please, remember the hint: poq.l2"
 
-# location of ssh keys
+# copy .zip.gpg to tmp dir
-syncdir_env_var=SYNCDIR_${HOSTNAME}
+cp ${src_dir}/*.zip.gpg ${tmp_dir}
-src_gnupg_dir=${!syncdir_env_var}/secrets/gnupg
 
-gpg --import ${src_gnupg_dir}/*publicKey.asc
+# decrypt .gpg
-gpg --import ${src_gnupg_dir}/*privateKey.asc
+gpg --decrypt --output ${tmp_dir}/gpgKeys.zip ${tmp_dir}/*.zip.gpg
+
+# extract .zip
+unzip -j -d ${tmp_dir} ${tmp_dir}/gpgKeys.zip
+
+# delete decrypted zip file
+srm -v ${tmp_dir}/gpgKeys.zip
+
+# import keys
+for file in ${tmp_dir}/*.asc; do
+    echo "processing '${file}'"
+
+    gpg --import ${file}
+    trash-put  ${file}
+done
 
 gpg --list-secret-keys --keyid-format LONG