69 lines
1.8 KiB
Bash
Executable File
69 lines
1.8 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# klevstul :: 24.04
|
|
|
|
this_file_name=`basename "$0"`
|
|
echo "$this_file_name"
|
|
|
|
# location of ssh keys
|
|
syncdir_env_var=SYNCDIR_${HOSTNAME}
|
|
src_ssh_dir=${!syncdir_env_var}/secrets/.ssh
|
|
trg_ssh_dir=~/.ssh
|
|
|
|
echo "\$SYNCDIR_${HOSTNAME}=${!syncdir_env_var}"
|
|
echo "src_ssh_dir: ${src_ssh_dir}"
|
|
|
|
if ! [[ -d ${src_ssh_dir} ]]; then
|
|
echo "error: non-existing directory '${src_ssh_dir}'" >&2; exit 1
|
|
fi
|
|
|
|
if ! [[ -d "$trg_ssh_dir" ]]; then
|
|
echo "creating non-existing target dir '${trg_ssh_dir}'."
|
|
mkdir -p ${trg_ssh_dir}
|
|
chmod 0700 ${trg_ssh_dir}
|
|
fi
|
|
|
|
files=$(shopt -s nullglob dotglob; echo ${trg_ssh_dir}/*.pub)
|
|
if (( ${#files} ))
|
|
then
|
|
echo "*.pub file(s) already exist in ${trg_ssh_dir}"
|
|
else
|
|
echo "deploy .pub file(s)"
|
|
cp ${src_ssh_dir}/*.pub ${trg_ssh_dir}
|
|
fi
|
|
|
|
files=$(shopt -s nullglob dotglob; echo ${trg_ssh_dir}/*.gpg)
|
|
if (( ${#files} ))
|
|
then
|
|
echo "*.gpg file(s) already exist in ${trg_ssh_dir}"
|
|
else
|
|
echo "deploy .gpg file(s)"
|
|
cp ${src_ssh_dir}/*.gpg ${trg_ssh_dir}
|
|
fi
|
|
|
|
echo "do you want to decrypt *.gpg? (y/n)"
|
|
read user_input
|
|
|
|
if [[ ${user_input} == "y" ]]; then
|
|
echo "yes"
|
|
echo "please, remember the hint: poq.l2"
|
|
|
|
for file in ${src_ssh_dir}/*.gpg; do
|
|
echo "processing '$file'"
|
|
|
|
filename="${file##*/}" # get basename
|
|
filename="${filename%.*}" # remove extension
|
|
|
|
gpg -d ${trg_ssh_dir}/${filename}.gpg > ${trg_ssh_dir}/${filename}
|
|
chmod 0600 ${trg_ssh_dir}/${filename} # id_rsa can not be accessible by other users
|
|
trash-put ${trg_ssh_dir}/${filename}.gpg
|
|
done
|
|
|
|
else
|
|
echo "no worries. you can manually decrypt the file, if needed. example command:"
|
|
echo "gpg -d id_rsa.gpg > id_rsa"
|
|
fi
|
|
|
|
echo "${trg_ssh_dir}:"
|
|
ls -al ${trg_ssh_dir}
|