diff options
-rwxr-xr-x | users/wpcarro/bin/__dispatch.sh | 6 | ||||
l--------- | users/wpcarro/bin/export-gpg | 1 | ||||
l--------- | users/wpcarro/bin/import-gpg | 1 | ||||
-rw-r--r-- | users/wpcarro/configs/default.nix | 67 |
4 files changed, 72 insertions, 3 deletions
diff --git a/users/wpcarro/bin/__dispatch.sh b/users/wpcarro/bin/__dispatch.sh index b7671562eb2d..17556ad2e020 100755 --- a/users/wpcarro/bin/__dispatch.sh +++ b/users/wpcarro/bin/__dispatch.sh @@ -12,6 +12,12 @@ case "${TARGET_TOOL}" in deploy-diogenes) attr="users.wpcarro.nixos.deploy-diogenes" ;; + import-gpg) + attr="users.wpcarro.configs.import-gpg" + ;; + export-gpg) + attr="users.wpcarro.configs.export-gpg" + ;; *) echo "The tool '${TARGET_TOOL}' is currently not installed in this repository." exit 1 diff --git a/users/wpcarro/bin/export-gpg b/users/wpcarro/bin/export-gpg new file mode 120000 index 000000000000..8390ec9c9652 --- /dev/null +++ b/users/wpcarro/bin/export-gpg @@ -0,0 +1 @@ +__dispatch.sh \ No newline at end of file diff --git a/users/wpcarro/bin/import-gpg b/users/wpcarro/bin/import-gpg new file mode 120000 index 000000000000..8390ec9c9652 --- /dev/null +++ b/users/wpcarro/bin/import-gpg @@ -0,0 +1 @@ +__dispatch.sh \ No newline at end of file diff --git a/users/wpcarro/configs/default.nix b/users/wpcarro/configs/default.nix index 5b0b6a7dcc31..81ba5b4d48ac 100644 --- a/users/wpcarro/configs/default.nix +++ b/users/wpcarro/configs/default.nix @@ -1,11 +1,72 @@ { pkgs, ... }: -{ - install = pkgs.writeShellScript "install-configs" '' +let + inherit (pkgs) writeShellScript; + inherit (pkgs.lib.strings) makeBinPath; +in { + install = writeShellScript "install-configs" '' cd "$WPCARRO/configs" && ${pkgs.stow}/bin/stow --target="$HOME" . ''; - uninstall = pkgs.writeShellScript "uninstall-configs" '' + uninstall = writeShellScript "uninstall-configs" '' cd "$WPCARRO/configs" && ${pkgs.stow}/bin/stow --delete --target="$HOME" . ''; + + # Run this script to import all of the information exported by `export.sh`. + # Usage: import-gpg path/to/export.zip + import-gpg = writeShellScript "import-gpg" '' + set -euo pipefail + + if [ -z "''${1+x}" ]; then + echo "You must specify the path to export.zip. Exiting..." + exit 1 + fi + + PATH="${makeBinPath (with pkgs; [ busybox gnupg ])}" + destination="$(mktemp -d)" + + function cleanup() { + rm -rf "$destination" + } + trap cleanup EXIT + + unzip "$1" -d "$destination" >/dev/null + + gpg --import "$destination/public.asc" + gpg --import "$destination/secret.asc" + gpg --import-ownertrust "$destination/ownertrust.txt" + + # Run this at the end to output some verification + gpg --list-keys + gpg --list-secret-keys + ''; + + # Run this script to export all the information required to transport your GPG + # information to a zip file. + # Usage: export-gpg + export-gpg = writeShellScript "export-gpg" '' + set -euo pipefail + + PATH="${makeBinPath (with pkgs; [ busybox gnupg zip ])}" + output="$(pwd)/export.zip" + destination="$(mktemp -d)" + + function cleanup() { + rm -rf "$destination" + } + trap cleanup EXIT + + gpg --armor --export >"$destination/public.asc" + gpg --armor --export-secret-keys >"$destination/secret.asc" + gpg --armor --export-ownertrust >"$destination/ownertrust.txt" + + # Strangely enough this appears to be the only way to create a zip of a + # directory that doesn't contain the (noisy) full paths of each item from + # the source filesystem. (i.e. -j doesn't cooperate with -r). + pushd "$destination" + zip -r "$output" ./* + popd + + echo "$(realpath $output)" + ''; } |