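#!/usr/bin/env bash
# klevstul :: 24.06
#
# Imports the GnuPG public and secret key backups stored under
# "${SYNCDIR_<HOSTNAME>}/secrets/gnupg" into the invoking user's keyring and
# then lists the secret keys so the result can be checked by eye.
#
# Required environment:
#   SYNCDIR_<HOSTNAME>  root of the synced directory for this host
#
# how to backup gpg:
#   gpg --export --export-options backup --output public.gpg frode@thisworld.is
#   gpg --export-secret-keys --export-options backup --output private.gpg frode@thisworld.is
# ref: https://www.howtogeek.com/816878/how-to-back-up-and-restore-gpg-keys-on-linux/
#
# Security notes:
#   - private.gpg contains secret key material. At rest it is protected by
#     nothing more than the key's own passphrase (if one is set), so the sync
#     directory and every place it is replicated to must be access-restricted.
#   - The source directory is derived from an environment variable. The script
#     refuses to run when that variable is missing, because the path would
#     otherwise silently collapse to "/secrets/gnupg" and key material would be
#     imported from a location nobody intended to trust.
#   - NOTE(review): the backups are written with "--export-options backup";
#     gpg's matching "--import-options restore" is not used here. Confirm
#     whether a plain import is what is wanted.

set -euo pipefail

# Print an error message to stderr and stop.
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

this_file_name=$(basename -- "$0")
printf '%s\n' "$this_file_name"

command -v gpg >/dev/null || die "gpg not found in PATH"

# location of the gnupg key backups
syncdir_env_var="SYNCDIR_${HOSTNAME:-}"

# A hostname containing e.g. '-' or '.' does not form a valid variable name,
# and the indirect expansion below would fail with an obscure shell error.
if [[ ! "$syncdir_env_var" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]; then
  die "'${syncdir_env_var}' is not a valid environment variable name"
fi

sync_root=${!syncdir_env_var:-}
[[ -n "$sync_root" ]] || die "environment variable '${syncdir_env_var}' is unset or empty"

src_gnupg_dir="${sync_root}/secrets/gnupg"
[[ -d "$src_gnupg_dir" ]] || die "non-existing directory '${src_gnupg_dir}'"

# Verify both backups before touching the keyring, so a half-synced directory
# does not leave the keyring with only one of the two imports applied.
for key_file in public.gpg private.gpg; do
  [[ -f "${src_gnupg_dir}/${key_file}" && -r "${src_gnupg_dir}/${key_file}" ]] \
    || die "missing or unreadable key backup '${src_gnupg_dir}/${key_file}'"
done

# Import both files even if the first one reports a problem (same flow as
# before), but remember the failure so the script does not end with status 0.
import_status=0
for key_file in public.gpg private.gpg; do
  if ! gpg --import -- "${src_gnupg_dir}/${key_file}"; then
    printf 'error: gpg --import failed for %s\n' "${src_gnupg_dir}/${key_file}" >&2
    import_status=1
  fi
done

# Show what ended up in the secret keyring; compare the long key ids against
# the expected ones before trusting the imported keys.
gpg --list-secret-keys --keyid-format LONG

(( import_status == 0 )) || exit 1

# ---------------------------------------------------------------------------
# Legacy deployment path (disabled). It copied raw keyring files into ~/.gnupg
# instead of importing exported keys. Kept for reference only.
#
# NOTE(review), should this ever be re-enabled:
#   - it writes the gpg-decrypted private-keys-v1.d.7z next to the keyring and
#     afterwards only calls trash-put on it; trash-put moves files to the trash
#     rather than erasing them, so the archive stays on disk;
#   - it echoes a passphrase hint, which means the hint is stored together
#     with the script wherever the script is synced or published;
#   - mkdir -p creates the target directory with umask-default permissions and
#     chmod 0600 is applied only to the files inside private-keys-v1.d;
#   - none of the expansions are quoted.
# ---------------------------------------------------------------------------
#trg_gnupg_dir=~/.gnupg
#
#echo "\$SYNCDIR_${HOSTNAME}=${!syncdir_env_var}"
#echo "src_gnupg_dir: ${src_gnupg_dir}"
#
#if ! [[ -d ${src_gnupg_dir} ]]; then
#    echo "error: non-existing directory '${src_gnupg_dir}'" >&2; exit 1
#fi
#
#if ! [[ -d "$trg_gnupg_dir" ]]; then
#    echo "creating non-existing target dir '${trg_gnupg_dir}'."
#    mkdir -p ${trg_gnupg_dir}
#fi
#
#the_file=trustdb.gpg
#if ! [[ -f ${trg_gnupg_dir}/${the_file} ]]; then
#    echo "deploy ${the_file}"
#    cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
#else
#    echo "${the_file} already exist in ${trg_gnupg_dir}"
#fi
#
#the_file=pubring.kbx
#if ! [[ -f ${trg_gnupg_dir}/${the_file} ]]; then
#    echo "deploy ${the_file}"
#    cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
#else
#    echo "${the_file} already exist in ${trg_gnupg_dir}"
#fi
#
#the_directory=openpgp-revocs.d
#if ! [[ -d ${trg_gnupg_dir}/${the_directory} ]]; then
#    echo "deploy ${the_directory}"
#    cp -r ${src_gnupg_dir}/${the_directory} ${trg_gnupg_dir}
#else
#    echo "${the_directory} already exist in ${trg_gnupg_dir}"
#fi
#
#the_file=private-keys-v1.d.7z.gpg
#if ! [[ -d ${trg_gnupg_dir}/private-keys-v1.d ]]; then
#    echo "deploy private-keys-v1.d"
#    cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
#else
#    echo
#    echo "ERROR: directory 'private-keys-v1.d' already exist in ${trg_gnupg_dir}"
#    echo "rename or delete existing directory and try again (backup the content if needed)."
#    exit 1
#fi
#
#echo "do you want to unpack and decrypt ${the_file}? (y/n)"
#read user_input
#
#if [[ ${user_input} == "y" ]]; then
#    echo "yes"
#    echo "please, remember the hint: poq.l2"
#    gpg -d ${trg_gnupg_dir}/${the_file} > ${trg_gnupg_dir}/private-keys-v1.d.7z
#    7za x ${trg_gnupg_dir}/private-keys-v1.d.7z -o${trg_gnupg_dir}
#    chmod 0600 ${trg_gnupg_dir}/private-keys-v1.d/* # private keys should not be accessible by other users
#
#    trash-put ${trg_gnupg_dir}/private-keys-v1.d.7z.gpg
#    trash-put ${trg_gnupg_dir}/private-keys-v1.d.7z
#else
#    echo "no worries. you can manually unpack and decrypt the file, if needed:"
#    echo "gpg -d private-keys-v1.d.7z.gpg > private-keys-v1.d.7z"
#    echo "7za x -private-keys-v1.d.7z"
#fi
#
#echo "${trg_gnupg_dir}:"
#ls -al ${trg_gnupg_dir}
#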