#!/usr/bin/env bash #PASS="file:$(ls "/run/media/"*/*"/key.fsojp.aes256" | head -n 1)" echo echo == Enter password. == echo PASS="pass:$(echo 53616c7465645f5f6eb8e165b79052263e125e4070138e26b3d127bb36e3e943f212d2d761a4426170cc2c17c58bc5d67c99eddb1df6ee1c02d7b33dd95ecdf0 | xxd -ps -r | openssl aes-256-cbc -salt -pbkdf2 -d)" PUBKEY=1KwpZECcrGWnM3AFVSbv3Xr5qguV4yG2sV NONCE="$(date +%s)" if ! curl -sfI "https://bico.media/">/dev/null; then echo; echo "== Remember to get on internet. =="; echo; exit 2; fi #if [ "$PASS" = "pass:" ]; then echo "Need better password."; exit 1; fi URLPFX="https://bico.media/$PUBKEY" if [ "$1" != "" ] then REPONAME="$1" fi if [ "$REPONAME" = "" ] then REPONAME="$(git rev-parse --show-toplevel 2>/dev/null)" fi if [ "$REPONAME" = "" ] then REPONAME=dog fi echo "" echo "This script is expected to be kept in sync with:" echo " ${URLPFX}/dog.sh" echo "" echo "Repository will be broken until download completes, as a quick way to ensure data" echo "is still all accessible by redownloading all of it." echo "Backup is in .git/bak, must be restored manually." echo "" # 2. mkdir -p .git/encrypted and git init mkdir -p "$REPONAME" cd "$REPONAME" if ! [ -d ".git" ]; then git init; fi git config gc.auto 0 chown -R "$USER":"$USER" .git pushd .git # prevent recreation of existing data mkdir -p encrypted mkdir -p bak cp --force -a HEAD refs objects/pack bak rm --force objects/pack/* # 3. download .git/encrypted with wget curl -sfI "$URLPFX"/refs.aes?"$NONCE">/dev/null && wget "$URLPFX"/refs.aes?"$NONCE" -O encrypted/refs.aes || echo "==== BROKEN REMOTE refs.aes PLEASE RE-STORE OR RECOVER ====" openssl aes-256-cbc -salt -pbkdf2 -pass "$PASS" -d -in encrypted/refs.aes | tar -Jxvf - for encpack in $(