diff --git a/dots/bin/lordOfTheRing.sh b/dots/bin/lordOfTheRing.sh
new file mode 100755
index 0000000..c48c156
--- /dev/null
+++ b/dots/bin/lordOfTheRing.sh
@@ -0,0 +1,144 @@
+# frode klevstul : start 24.11.16 : add data to keyring
+
+# ---------- info and how-to update ----------
+
+# this script was made after experiencing that my keyrings was getting lost after upgrades.
+# the stored passwords here have to be updated now and then. to do that, deleting
+# existing keyring (using seahorse), and re-login to the system. then use seahorse to see
+# what values are being stored. those values are then to be copied over to this script (further below).
+
+# ---------- nifty info
+
+# Store secret:
+# SECRET="12345678"
+# echo -n "${SECRET}" \
+# | secret-tool store --label="Secret for example.org" domain example.org
+#
+# Lookup secret:
+# SECRET="$(secret-tool lookup domain example.org)"
+# echo "${SECRET}"
+#
+# src: https://discourse.gnome.org/t/how-do-you-actually-use-secret-tool/19818/2
+
+# the key ring files are automatically stored at:
+# ~/.local/share/keyrings/login.keyring
+
+
+# locate the first keyring file in the keyring directory
+keyring_dir=/home/poq/.local/share/keyrings
+keyring_file=""
+for entry in "${keyring_dir}"/*
+do
+ if [[ ${entry} == *.keyring ]] ; then
+ echo "found keyring file: ${entry}"
+ keyring_file=${entry}
+ break
+ fi
+done
+
+if [[ ${keyring_file} == "" ]] ; then
+ echo "no keyring file found."
+ exit 0
+fi
+
+# due to some scope issue, that i did not figure out how to solve, i am using tmp files on the os to keep track of stuff.
+# this instead of using variables, which would be the normal thing to do
+
+# 'tf' for temporary file
+tf_secret_to_get="/tmp/stg.lotr"
+tf_secret_nextcloud="/tmp/sn.lotr"
+tf_secret_nextcloud_app="/tmp/sna.lotr"
+tf_secret_nextcloud_base="/tmp/snb.lotr"
+tf_secret_proton_account_singular="/tmp/sps.lotr"
+tf_secret_proton_accounts_multiple="/tmp/spm.lotr"
+
+# https://gist.github.com/melbahja/33fac6f3f823632e880401f5f7451cfb
+cat ${keyring_file} | while read line || [[ -n ${line} ]];
+do
+ [[ ${line//[[:space:]]/} =~ ^#.* || -z "$line" ]] && continue
+ echo $line | tr "=" "\n" | while read -r key; do
+ read -r value
+ if [[ ${value} != "" ]] ; then
+ if [[ ${key} == "display-name" ]] ; then
+ if [[ ${value} == "Nextcloud" ]] ; then
+ echo "get nextcloud value";
+ echo "nextcloud" > ${tf_secret_to_get}
+ elif [[ ${value} =~ "Proton" ]] && [[ ${value} =~ "proton-sso-account-" ]] ; then
+ echo "get proton 'account' (singular) value";
+ echo "proton_account_singular" > ${tf_secret_to_get};
+ elif [[ ${value} =~ "Proton" ]] && [[ ${value} =~ "proton-sso-accounts" ]] ; then
+ echo "get proton 'accounts' (multiple) value";
+ echo "proton_account_multiple" > ${tf_secret_to_get};
+ fi
+ elif [[ ${key} == "secret" ]] ; then
+ secret_to_get=$(cat ${tf_secret_to_get});
+ echo "secret found for ${secret_to_get}";
+
+ if [[ ${secret_to_get} == "nextcloud" ]] ; then
+ echo ${value} > ${tf_secret_nextcloud};
+ elif [[ ${secret_to_get} == "proton_account_singular" ]] ; then
+ echo "storing proton account singular value"
+ # this is a multi-line value, so we need to do some more trickery, to get it working…
+ # https://www.baeldung.com/linux/print-lines-between-two-patterns
+ # https://unix.stackexchange.com/questions/471619/get-everything-after-first-occurence-of-substring
+ value=$(awk '/secret={"UID":/{ f = 1 } /mtime=/{ f = 0 } f' /home/poq/.local/share/keyrings/aTmp.keyring | perl -pe 's/.*?secret=//');
+ echo ${value} > ${tf_secret_proton_account_singular};
+ elif [[ ${secret_to_get} == "proton_account_multiple" ]] ; then
+ echo "storing proton multiple value"
+ echo ${value} > ${tf_secret_proton_accounts_multiple};
+ else
+ echo "can not handle the secret_to_get value: '${secret_to_get}'";
+ fi
+ elif [[ ${value} =~ "_app-password:https://nx.op.fo" ]] ; then
+ echo "storing nextcloud app secret"
+ value=$(cat ${tf_secret_nextcloud});
+ echo ${value} > ${tf_secret_nextcloud_app};
+ elif [[ ${value} =~ ":https://nx.op.fo" ]] ; then
+ echo "storing nextcloud base secret"
+ value=$(cat ${tf_secret_nextcloud});
+ echo ${value} > ${tf_secret_nextcloud_base};
+ fi
+ fi
+ done
+done
+
+# --------------------
+# NEXTCLOUD
+# --------------------
+
+hasNextcloud=$(secret-tool lookup server Nextcloud)
+
+if [[ -z "${hasNextcloud}" ]]
+then
+ echo "adding keys for nextcloud"
+
+ # >>> set value 1 | frode_app-password:https://nx.op.fo/:0
+ pwd_user_frode_app=$(cat ${tf_secret_nextcloud_app});
+ echo -n "${pwd_user_frode_app}" | secret-tool store --label="Nextcloud" server Nextcloud user frode_app-password:https://nx.op.fo/:0 type base64
+
+ # >>> set value 2 | frode:https://nx.op.fo/:0
+ pwd_user_frode=$(cat ${tf_secret_nextcloud_base});
+ echo -n "${pwd_user_frode}" | secret-tool store --label="Nextcloud" server Nextcloud user frode:https://nx.op.fo/:0 type plaintext
+fi
+
+# --------------------
+# PROTONVPN
+# --------------------
+
+hasProtonVpn=$(secret-tool lookup service Proton)
+
+if [[ -z "${hasProtonVpn}" ]]
+then
+ echo "adding keys for protonvpn"
+
+ # >>> set value 1 | proton-sso-account-mzzg6zdf
+ # note: It is significant that the last closing parenthesis is on another line, and END text must also appear on a line by itself.
+ # And, there can be no indent on this line, or no spaces/tabs at the beginning of the line.
+ # ref: https://stackoverflow.com/questions/23929235/multi-line-string-with-extra-space-preserved-indentation
+ pwd_proton_1=$(cat ${tf_secret_proton_account_singular});
+ echo -n "${pwd_proton_1}" | secret-tool store --label="Password for 'proton-sso-account-mzzg6zdf' on 'Proton'" application "Python keyring library" service Proton username proton-sso-account-mzzg6zdf
+
+ # >>> set value 2 | proton-sso-accounts
+ pwd_proton_2=$(cat ${tf_secret_proton_accounts_multiple});
+ echo -n "${pwd_proton_2}" | secret-tool store --label="Password for 'proton-sso-accounts' on 'Proton'" application "Python keyring library" service Proton username proton-sso-accounts
+fi
diff --git a/dots/bin/startup.sh b/dots/bin/startup.sh
index 21699cd..14e6deb 100755
--- a/dots/bin/startup.sh
+++ b/dots/bin/startup.sh
@@ -45,6 +45,7 @@ elif [[ "${XWM}" == "i3" ]]; then # populate keyring, and sleep to make sure it takes effect before apps start #/home/poq/syncDir/secrets/keyring/add_keyring_secrets.sh + lordOfTheRing.sh sleep 3.5 # start miscellanous programs
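Review bot: The six `tf_*` files hold the Nextcloud and Proton secrets at fixed names directly under `/tmp`, are created with whatever umask the session has, and are never deleted, so the secrets stay on disk after the script finishes and the `>` redirections write into whatever file or link already exists at those names. Put them in a private directory that is removed on exit, as in the fence below. The "scope issue" in the comment looks like the `cat ... | while read` pipeline running the loop in a subshell; feeding the outer loop with `done < "${keyring_file}"` and splitting each line with `IFS='=' read -r key value` would let plain variables replace the files altogether. Independently of that, `echo ${value} > ...` is unquoted and the outer `read` lacks `-r`, so a secret containing runs of whitespace, glob characters or backslashes is altered before it reaches `secret-tool`; `printf '%s' "${value}" > "${tf_secret_nextcloud}"` avoids this. The `awk` call also reads the hard-coded `aTmp.keyring` rather than the `${keyring_file}` selected above.

```shell
# 'tf' for temporary file
umask 077
tmp_dir=$(mktemp -d) || exit 1
trap 'rm -rf -- "${tmp_dir}"' EXIT
tf_secret_to_get="${tmp_dir}/stg.lotr"
tf_secret_nextcloud="${tmp_dir}/sn.lotr"
tf_secret_nextcloud_app="${tmp_dir}/sna.lotr"
tf_secret_nextcloud_base="${tmp_dir}/snb.lotr"
tf_secret_proton_account_singular="${tmp_dir}/sps.lotr"
tf_secret_proton_accounts_multiple="${tmp_dir}/spm.lotr"
# … unchanged: keyring parsing loop and secret-tool store sections …
```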
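Review bot: `lordOfTheRing.sh` is invoked by bare name, so which file runs depends on the `PATH` of the session executing startup.sh, whereas the commented-out line just above it used an absolute path. For a script that reads and re-stores keyring secrets, calling the intended copy explicitly is safer, e.g. `/path/to/dots/bin/lordOfTheRing.sh` (placeholder; the install location is not visible here). Its exit status is also ignored, so a failed run is indistinguishable from a successful one once `sleep 3.5` proceeds; something like `lordOfTheRing.sh || echo "keyring population failed" >&2` would at least surface it. The enclosing `elif` branch starts and ends outside the hunk.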