+ lordOfTheRing.sh
trying to tackle the keyring issue
144
dots/bin/lordOfTheRing.sh
Executable file
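--- a/dots/bin/lordOfTheRing.sh
+++ b/dots/bin/lordOfTheRing.sh
@@ -0,0 +1,144 @@
+# frode klevstul : start 24.11.16 : add data to keyring
+
+# ---------- info and how-to update ----------
+
+# this script was made after experiencing that my keyrings was getting lost after upgrades.
+# the stored passwords here have to be updated now and then. to do that, deleting
+# existing keyring (using seahorse), and re-login to the system. then use seahorse to see
+# what values are being stored. those values are then to be copied over to this script (further below).
+
+# ---------- nifty info
+
+# Store secret:
+# SECRET="12345678"
+# echo -n "${SECRET}" \
+# | secret-tool store --label="Secret for example.org" domain example.org
+#
+# Lookup secret:
+# SECRET="$(secret-tool lookup domain example.org)"
+# echo "${SECRET}"
+#
+# src: https://discourse.gnome.org/t/how-do-you-actually-use-secret-tool/19818/2
+
+# the key ring files are automatically stored at:
+# ~/.local/share/keyrings/login.keyring
+
+
+# locate the first keyring file in the keyring directory
+keyring_dir=/home/poq/.local/share/keyrings
+keyring_file=""
+for entry in "${keyring_dir}"/*
+do
+if [[ ${entry} == *.keyring ]] ; then
+echo "found keyring file: ${entry}"
+keyring_file=${entry}
+break
+fi
+done
+
+if [[ ${keyring_file} == "" ]] ; then
+echo "no keyring file found."
+exit 0
+fi
+
+# due to some scope issue, that i did not figure out how to solve, i am using tmp files on the os to keep track of stuff.
+# this instead of using variables, which would be the normal thing to do
+
+# 'tf' for temporary file
+tf_secret_to_get="/tmp/stg.lotr"
+tf_secret_nextcloud="/tmp/sn.lotr"
+tf_secret_nextcloud_app="/tmp/sna.lotr"
+tf_secret_nextcloud_base="/tmp/snb.lotr"
+tf_secret_proton_account_singular="/tmp/sps.lotr"
+tf_secret_proton_accounts_multiple="/tmp/spm.lotr"
+
+# https://gist.github.com/melbahja/33fac6f3f823632e880401f5f7451cfb
+cat ${keyring_file} | while read line || [[ -n ${line} ]];
+do
+[[ ${line//[[:space:]]/} =~ ^#.* || -z "$line" ]] && continue
+echo $line | tr "=" "\n" | while read -r key; do
+read -r value
+if [[ ${value} != "" ]] ; then
+if [[ ${key} == "display-name" ]] ; then
+if [[ ${value} == "Nextcloud" ]] ; then
+echo "get nextcloud value";
+echo "nextcloud" > ${tf_secret_to_get}
+elif [[ ${value} =~ "Proton" ]] && [[ ${value} =~ "proton-sso-account-" ]] ; then
+echo "get proton 'account' (singular) value";
+echo "proton_account_singular" > ${tf_secret_to_get};
+elif [[ ${value} =~ "Proton" ]] && [[ ${value} =~ "proton-sso-accounts" ]] ; then
+echo "get proton 'accounts' (multiple) value";
+echo "proton_account_multiple" > ${tf_secret_to_get};
+fi
+elif [[ ${key} == "secret" ]] ; then
+secret_to_get=$(cat ${tf_secret_to_get});
+echo "secret found for ${secret_to_get}";
+
+if [[ ${secret_to_get} == "nextcloud" ]] ; then
+echo ${value} > ${tf_secret_nextcloud};
+elif [[ ${secret_to_get} == "proton_account_singular" ]] ; then
+echo "storing proton account singular value"
+# this is a multi-line value, so we need to do some more trickery, to get it working…
+# https://www.baeldung.com/linux/print-lines-between-two-patterns
+# https://unix.stackexchange.com/questions/471619/get-everything-after-first-occurence-of-substring
+value=$(awk '/secret={"UID":/{ f = 1 } /mtime=/{ f = 0 } f' /home/poq/.local/share/keyrings/aTmp.keyring | perl -pe 's/.*?secret=//');
+echo ${value} > ${tf_secret_proton_account_singular};
+elif [[ ${secret_to_get} == "proton_account_multiple" ]] ; then
+echo "storing proton multiple value"
+echo ${value} > ${tf_secret_proton_accounts_multiple};
+else
+echo "can not handle the secret_to_get value: '${secret_to_get}'";
+fi
+elif [[ ${value} =~ "_app-password:https://nx.op.fo" ]] ; then
+echo "storing nextcloud app secret"
+value=$(cat ${tf_secret_nextcloud});
+echo ${value} > ${tf_secret_nextcloud_app};
+elif [[ ${value} =~ ":https://nx.op.fo" ]] ; then
+echo "storing nextcloud base secret"
+value=$(cat ${tf_secret_nextcloud});
+echo ${value} > ${tf_secret_nextcloud_base};
+fi
+fi
+done
+done
+
+# --------------------
+# NEXTCLOUD
+# --------------------
+
+hasNextcloud=$(secret-tool lookup server Nextcloud)
+
+if [[ -z "${hasNextcloud}" ]]
+then
+echo "adding keys for nextcloud"
+
+# >>> set value 1 | frode_app-password:https://nx.op.fo/:0
+pwd_user_frode_app=$(cat ${tf_secret_nextcloud_app});
+echo -n "${pwd_user_frode_app}" | secret-tool store --label="Nextcloud" server Nextcloud user frode_app-password:https://nx.op.fo/:0 type base64
+
+# >>> set value 2 | frode:https://nx.op.fo/:0
+pwd_user_frode=$(cat ${tf_secret_nextcloud_base});
+echo -n "${pwd_user_frode}" | secret-tool store --label="Nextcloud" server Nextcloud user frode:https://nx.op.fo/:0 type plaintext
+fi
+
+# --------------------
+# PROTONVPN
+# --------------------
+
+hasProtonVpn=$(secret-tool lookup service Proton)
+
+if [[ -z "${hasProtonVpn}" ]]
+then
+echo "adding keys for protonvpn"
+
+# >>> set value 1 | proton-sso-account-mzzg6zdf
+# note: It is significant that the last closing parenthesis is on another line, and END text must also appear on a line by itself.
+# And, there can be no indent on this line, or no spaces/tabs at the beginning of the line.
+# ref: https://stackoverflow.com/questions/23929235/multi-line-string-with-extra-space-preserved-indentation
+pwd_proton_1=$(cat ${tf_secret_proton_account_singular});
+echo -n "${pwd_proton_1}" | secret-tool store --label="Password for 'proton-sso-account-mzzg6zdf' on 'Proton'" application "Python keyring library" service Proton username proton-sso-account-mzzg6zdf
+
+# >>> set value 2 | proton-sso-accounts
+pwd_proton_2=$(cat ${tf_secret_proton_accounts_multiple});
+echo -n "${pwd_proton_2}" | secret-tool store --label="Password for 'proton-sso-accounts' on 'Proton'" application "Python keyring library" service Proton username proton-sso-accounts
+fi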
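Review bot: The secrets parsed out of the keyring are written to fixed, predictable paths in /tmp (`/tmp/stg.lotr` through `/tmp/spm.lotr`) under the default umask and are never removed, so on a shared machine they stay readable after the run and another local account could create those paths before the script does. Put the `tf_*` files in a private directory from `mktemp -d` under `umask 077` and delete it in an `EXIT` trap, as sketched below. The "scope issue" in the comment comes from the `cat … | while` and `echo … | tr … | while` pipelines, whose loop bodies run in subshells; restructuring those loops would let plain variables replace the files altogether. Separately, the awk call for the Proton value reads the hard-coded `aTmp.keyring` instead of `${keyring_file}`, and the unquoted `echo ${value}` word-splits and glob-expands the secret before it is stored.

```shell
# keep intermediate secrets in a private, per-run directory that is always removed
umask 077
tmp_dir=$(mktemp -d) || exit 1
trap 'rm -rf -- "${tmp_dir}"' EXIT

tf_secret_to_get="${tmp_dir}/stg.lotr"
tf_secret_nextcloud="${tmp_dir}/sn.lotr"
tf_secret_nextcloud_app="${tmp_dir}/sna.lotr"
tf_secret_nextcloud_base="${tmp_dir}/snb.lotr"
tf_secret_proton_account_singular="${tmp_dir}/sps.lotr"
tf_secret_proton_accounts_multiple="${tmp_dir}/spm.lotr"
# … unchanged: keyring parsing loop and secret-tool store calls …
```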
@@ -45,6 +45,7 @@ elif [[ "${XWM}" == "i3" ]]; then
|
||||
|
||||
# populate keyring, and sleep to make sure it takes effect before apps start
|
||||
#/home/poq/syncDir/secrets/keyring/add_keyring_secrets.sh
|
||||
lordOfTheRing.sh
|
||||
sleep 3.5
|
||||
|
||||
# start miscellanous programs
|
||||
|
||||
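Review bot: The `lordOfTheRing.sh` call is resolved through `PATH`, while the commented-out line just above it used an absolute path; because this script writes credentials into the keyring at session start, calling it by its full install path (placeholder: `/path/to/dots/bin/lordOfTheRing.sh`) makes sure the intended file is the one that runs. Its exit status is ignored and the fixed `sleep 3.5` only assumes the keyring is populated in time, so `lordOfTheRing.sh || echo "keyring population failed" >&2` would at least surface a failure. The enclosing `elif` branch starts and ends outside this hunk, and the file header for this hunk is not visible on the page.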