# frode klevstul : start 24.11.16 : add data to keyring # ---------- info and how-to update ---------- # this script was made after experiencing that my keyrings was getting lost after upgrades. # the stored passwords here have to be updated now and then. to do that, deleting # existing keyring (using seahorse), and re-login to the system. then use seahorse to see # what values are being stored. those values are then to be copied over to this script (further below). # ---------- nifty info # Store secret: # SECRET="12345678" # echo -n "${SECRET}" \ # | secret-tool store --label="Secret for example.org" domain example.org # # Lookup secret: # SECRET="$(secret-tool lookup domain example.org)" # echo "${SECRET}" # # src: https://discourse.gnome.org/t/how-do-you-actually-use-secret-tool/19818/2 # the key ring files are automatically stored at: # ~/.local/share/keyrings/login.keyring # locate the first keyring file in the keyring directory keyring_dir=/home/poq/.local/share/keyrings keyring_file="" for entry in "${keyring_dir}"/* do if [[ ${entry} == *.keyring ]] ; then echo "found keyring file: ${entry}" keyring_file=${entry} break fi done if [[ ${keyring_file} == "" ]] ; then echo "no keyring file found." exit 0 fi # due to some scope issue, that i did not figure out how to solve, i am using tmp files on the os to keep track of stuff. # this instead of using variables, which would be the normal thing to do # 'tf' for temporary file tf_secret_to_get="/tmp/stg.lotr" tf_secret_nextcloud="/tmp/sn.lotr" tf_secret_nextcloud_app="/tmp/sna.lotr" tf_secret_nextcloud_base="/tmp/snb.lotr" tf_secret_proton_account_singular="/tmp/sps.lotr" tf_secret_proton_accounts_multiple="/tmp/spm.lotr" # https://gist.github.com/melbahja/33fac6f3f823632e880401f5f7451cfb cat ${keyring_file} | while read line || [[ -n ${line} ]]; do [[ ${line//[[:space:]]/} =~ ^#.* || -z "$line" ]] && continue echo $line | tr "=" "\n" | while read -r key; do read -r value if [[ ${value} != "" ]] ; then if [[ ${key} == "display-name" ]] ; then if [[ ${value} == "Nextcloud" ]] ; then echo "get nextcloud value"; echo "nextcloud" > ${tf_secret_to_get} elif [[ ${value} =~ "Proton" ]] && [[ ${value} =~ "proton-sso-account-" ]] ; then echo "get proton 'account' (singular) value"; echo "proton_account_singular" > ${tf_secret_to_get}; elif [[ ${value} =~ "Proton" ]] && [[ ${value} =~ "proton-sso-accounts" ]] ; then echo "get proton 'accounts' (multiple) value"; echo "proton_account_multiple" > ${tf_secret_to_get}; fi elif [[ ${key} == "secret" ]] ; then secret_to_get=$(cat ${tf_secret_to_get}); echo "secret found for ${secret_to_get}"; if [[ ${secret_to_get} == "nextcloud" ]] ; then echo ${value} > ${tf_secret_nextcloud}; elif [[ ${secret_to_get} == "proton_account_singular" ]] ; then echo "storing proton account singular value" # this is a multi-line value, so we need to do some more trickery, to get it working… # https://www.baeldung.com/linux/print-lines-between-two-patterns # https://unix.stackexchange.com/questions/471619/get-everything-after-first-occurence-of-substring value=$(awk '/secret={"UID":/{ f = 1 } /mtime=/{ f = 0 } f' /home/poq/.local/share/keyrings/aTmp.keyring | perl -pe 's/.*?secret=//'); echo ${value} > ${tf_secret_proton_account_singular}; elif [[ ${secret_to_get} == "proton_account_multiple" ]] ; then echo "storing proton multiple value" echo ${value} > ${tf_secret_proton_accounts_multiple}; else echo "can not handle the secret_to_get value: '${secret_to_get}'"; fi elif [[ ${value} =~ "_app-password:https://nx.op.fo" ]] ; then echo "storing nextcloud app secret" value=$(cat ${tf_secret_nextcloud}); echo ${value} > ${tf_secret_nextcloud_app}; elif [[ ${value} =~ ":https://nx.op.fo" ]] ; then echo "storing nextcloud base secret" value=$(cat ${tf_secret_nextcloud}); echo ${value} > ${tf_secret_nextcloud_base}; fi fi done done # -------------------- # NEXTCLOUD # -------------------- hasNextcloud=$(secret-tool lookup server Nextcloud) if [[ -z "${hasNextcloud}" ]] then echo "adding keys for nextcloud" # >>> set value 1 | frode_app-password:https://nx.op.fo/:0 pwd_user_frode_app=$(cat ${tf_secret_nextcloud_app}); echo -n "${pwd_user_frode_app}" | secret-tool store --label="Nextcloud" server Nextcloud user frode_app-password:https://nx.op.fo/:0 type base64 # >>> set value 2 | frode:https://nx.op.fo/:0 pwd_user_frode=$(cat ${tf_secret_nextcloud_base}); echo -n "${pwd_user_frode}" | secret-tool store --label="Nextcloud" server Nextcloud user frode:https://nx.op.fo/:0 type plaintext fi # -------------------- # PROTONVPN # -------------------- hasProtonVpn=$(secret-tool lookup service Proton) if [[ -z "${hasProtonVpn}" ]] then echo "adding keys for protonvpn" # >>> set value 1 | proton-sso-account-mzzg6zdf # note: It is significant that the last closing parenthesis is on another line, and END text must also appear on a line by itself. # And, there can be no indent on this line, or no spaces/tabs at the beginning of the line. # ref: https://stackoverflow.com/questions/23929235/multi-line-string-with-extra-space-preserved-indentation pwd_proton_1=$(cat ${tf_secret_proton_account_singular}); echo -n "${pwd_proton_1}" | secret-tool store --label="Password for 'proton-sso-account-mzzg6zdf' on 'Proton'" application "Python keyring library" service Proton username proton-sso-account-mzzg6zdf # >>> set value 2 | proton-sso-accounts pwd_proton_2=$(cat ${tf_secret_proton_accounts_multiple}); echo -n "${pwd_proton_2}" | secret-tool store --label="Password for 'proton-sso-accounts' on 'Proton'" application "Python keyring library" service Proton username proton-sso-accounts fi