about summary refs log tree commit diff
path: root/configs
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2019-03-11T18·00+0000
committerWilliam Carroll <wpcarro@gmail.com>2019-03-11T18·00+0000
commiteaf42b68c25e9bfdb2e5f62f9e9bd460405071d9 (patch)
treeab1841ec8e4f14245fcc5c9a9d158af0ee39ad61 /configs
parente774ce5d1c8ddb62fc62c69719390eff1c4f50b0 (diff)
Better support GPG migrations
After yet another unpleasant experience starting up GPG on a new system, I
decided to encode my learnings and mistakes as aliases, functions, scripts,
hoping to protect my future me from myself. Fingers crossed!
Diffstat (limited to 'configs')
-rwxr-xr-xconfigs/shared/gpg/.gnupg/export.sh21
-rw-r--r--configs/shared/gpg/.gnupg/import.sh13
-rw-r--r--configs/shared/zsh/aliases.zsh6
-rw-r--r--configs/shared/zsh/variables.zsh1
4 files changed, 41 insertions, 0 deletions
diff --git a/configs/shared/gpg/.gnupg/export.sh b/configs/shared/gpg/.gnupg/export.sh
new file mode 100755
index 000000000000..571689773b0e
--- /dev/null
+++ b/configs/shared/gpg/.gnupg/export.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Run this script to export all the information required to transport your GPG
+# information.
+# Usage: ./export.sh [directory]
+# TODO: run this periodically as a job.
+
+destination="${1:-$(mktemp -d)}"
+
+if [ ! -d "$destination" ]; then
+  echo "$destination does not exist. Creating it..."
+  mkdir -p "$destination"
+fi
+
+gpg --armor --export >"$destination/public.asc"
+gpg --armor --export-secret-keys >"$destination/secret.asc"
+gpg --armor --export-ownertrust >"$destination/ownertrust.txt"
+
+echo $(realpath "$destination")
diff --git a/configs/shared/gpg/.gnupg/import.sh b/configs/shared/gpg/.gnupg/import.sh
new file mode 100644
index 000000000000..9fb9be64f060
--- /dev/null
+++ b/configs/shared/gpg/.gnupg/import.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Run this script to import all of the information exported by `export.sh`.
+# Usage: ./export.sh path/to/directory
+
+gpg --import "$1/public.asc"
+gpg --import "$1/secret.asc"
+gpg --import-ownertrust "$1/ownertrust.txt"
+
+# Run this at the end to output some verification
+gpg --list-keys
diff --git a/configs/shared/zsh/aliases.zsh b/configs/shared/zsh/aliases.zsh
index c2788d41e12e..ad00763dad59 100644
--- a/configs/shared/zsh/aliases.zsh
+++ b/configs/shared/zsh/aliases.zsh
@@ -49,6 +49,12 @@ alias mdg="mix deps.get"
 alias mdu="mix deps.update"
 alias mdup="mix docker.up"
 
+# GPG
+alias gpged='gpg --edit-key wpcarro@gmail.com'
+alias gpge='gpg --encrypt'
+alias gpgd='gpg --decrypt'
+alias gpgls='gpg --list-keys'
+
 # Git
 alias g="git"
 alias glp='git log --graph --pretty=format:"%Cred%h%Creset -%Cblue %an %Creset - %C(yellow)%d%Creset %s %Cgreen(%cr)%Creset" --abbrev-commit --date=relative'
diff --git a/configs/shared/zsh/variables.zsh b/configs/shared/zsh/variables.zsh
index 53f6f3e84a09..5e8e67ed0221 100644
--- a/configs/shared/zsh/variables.zsh
+++ b/configs/shared/zsh/variables.zsh
@@ -1,6 +1,7 @@
 export TERMINAL=urxvtc
 export EDITOR=emacsclient
 export ALTERNATE_EDITOR=nvim
+export GPG_TTY=$(tty) # "It is important that this environment variable always reflects the output of the tty command". Source: https://gnupg.org/documentation/manuals/gnupg-devel/Invoking-GPG_002dAGENT.html
 
 BROWSER=google-chrome
 NIXIFY="$HOME/programming/nixify"