diff options
-rwxr-xr-x | git-maintenance/dog.sh (renamed from git-maintenance/get.sh) | 19 | ||||
-rwxr-xr-x | git-maintenance/store.sh | 19 |
2 files changed, 24 insertions, 14 deletions
diff --git a/git-maintenance/get.sh b/git-maintenance/dog.sh index d980d98..757fcc4 100755 --- a/git-maintenance/get.sh +++ b/git-maintenance/dog.sh @@ -1,9 +1,18 @@ #!/usr/bin/env bash -PASS="$(ls "/run/media/"*/*"/key.fsojp.aes256" | head -n 1)" +#PASS="file:$(ls "/run/media/"*/*"/key.fsojp.aes256" | head -n 1)" +echo +echo == Enter password. == +echo +PASS="pass:$(echo 53616c7465645f5f6eb8e165b79052263e125e4070138e26b3d127bb36e3e943f212d2d761a4426170cc2c17c58bc5d67c99eddb1df6ee1c02d7b33dd95ecdf0 | xxd -ps -r | openssl aes-256-cbc -salt -pbkdf2 -d)" PUBKEY=1KwpZECcrGWnM3AFVSbv3Xr5qguV4yG2sV NONCE="$(date +%s)" +if ! curl -sfI "https://bico.media/">/dev/null; then echo; echo "== Remember to get on internet. =="; echo; exit 2; fi + +#if [ "$PASS" = "pass:" ]; then echo "Need better password."; exit 1; fi + + URLPFX="https://bico.media/$PUBKEY" if [ "$1" != "" ] then @@ -15,12 +24,12 @@ then fi if [ "$REPONAME" = "" ] then - REPONAME=for-slow-organization-job-private + REPONAME=dog fi echo "" echo "This script is expected to be kept in sync with:" -echo " ${URLPFX}/get.sh" +echo " ${URLPFX}/dog.sh" echo "" # 2. mkdir -p .git/encrypted and git init @@ -39,7 +48,7 @@ rm objects/pack/* # 3. download .git/encrypted with wget curl -sfI "$URLPFX"/refs.aes?"$NONCE">/dev/null && wget "$URLPFX"/refs.aes?"$NONCE" -O encrypted/refs.aes || echo "==== BROKEN REMOTE refs.aes PLEASE RE-STORE OR RECOVER ====" -openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d -in encrypted/refs.aes | tar -Jxvf - +openssl aes-256-cbc -salt -pbkdf2 -pass "$PASS" -d -in encrypted/refs.aes | tar -Jxvf - for encpack in $(<encrypted/list.txt) do @@ -49,7 +58,7 @@ do NONCE="$(date +%s)" done wget "$URLPFX"/"$encpack"?"$NONCE" -O encrypted/"$encpack" - openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d -in encrypted/"$encpack" | tar -Jxvf - + openssl aes-256-cbc -salt -pbkdf2 -pass "$PASS" -d -in encrypted/"$encpack" | tar -Jxvf - done for pack in objects/pack/*.pack diff --git a/git-maintenance/store.sh b/git-maintenance/store.sh index c9c13c2..09fc17f 100755 --- a/git-maintenance/store.sh +++ b/git-maintenance/store.sh @@ -1,6 +1,10 @@ #!/usr/bin/env bash -PASS="$(ls "/run/media/"*/*"/key.fsojp.aes256" | head -n 1)" +#PASS="$(ls "/run/media/"*/*"/key.fsojp.aes256" | head -n 1)" +echo +echo == Enter password. == +echo +PASS="pass:$(echo 53616c7465645f5f6eb8e165b79052263e125e4070138e26b3d127bb36e3e943f212d2d761a4426170cc2c17c58bc5d67c99eddb1df6ee1c02d7b33dd95ecdf0 | xxd -ps -r | openssl aes-256-cbc -salt -pbkdf2 -d)" ROOTDIR="$(git rev-parse --show-toplevel)" cd "$ROOTDIR" GITDIR="$ROOTDIR/.git" @@ -9,20 +13,17 @@ MAINTDIR="$ROOTDIR/git-maintenance" PUBKEY=1KwpZECcrGWnM3AFVSbv3Xr5qguV4yG2sV URLPFX="https://bico.media/$PUBKEY" -if ! curl -sfI "$URLPFX"/refs.aes>/dev/null; then echo "Remember to get on internet."; exit 2; fi - -# problem: IVs are producing files that do not have the same content each time, -# and a reupload of everything is made each store. +if ! curl -sfI "$URLPFX"/refs.aes>/dev/null; then echo; echo "== Remember to get on internet. =="; echo; exit 2; fi #export GZIP=-9n TAR="tar -J --owner=0 --group=0 --numeric-owner --mode=go=rX,u+rw,a-s" encrypt() { - openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -e + openssl aes-256-cbc -salt -pbkdf2 -pass "$PASS" -e } decrypt() { - openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d + openssl aes-256-cbc -salt -pbkdf2 -pass "$PASS" -d } if ! [ -e "$PASS" ]; then echo "Remember to plug in USB key."; exit 1; fi @@ -82,8 +83,8 @@ rm "$tmpfile" mv "$tmpfile".list encrypted/list.txt $TAR -cv encrypted/list.txt refs HEAD packed-refs | encrypt > encrypted/refs.aes rm encrypted/list.txt -cp -va "$MAINTDIR"/get.sh encrypted -if [ "$(curl -s "$URLPFX"/get.sh | sha256sum)" = "$(cat encrypted/get.sh | sha256sum)" ]; then rm encrypted/get.sh; fi +cp -va "$MAINTDIR"/dog.sh encrypted +if [ "$(curl -s "$URLPFX"/dog.sh | sha256sum)" = "$(cat encrypted/dog.sh | sha256sum)" ]; then rm encrypted/dog.sh; fi |