diff --git a/bin/detachsign-file b/bin/detachsign-file index a216e79..2315e16 100755 --- a/bin/detachsign-file +++ b/bin/detachsign-file @@ -2,4 +2,4 @@ SNEAK_KEY_ID="5539AD00DE4C42F3AFE11575052443F4DF2A55C2" -gpg -u $SNEAK_KEY_ID -a --detach-sig $* +gpg -u $SNEAK_KEY_ID -a --detach-sig "$*" diff --git a/bin/encrypt-for-sneak-ascii b/bin/encrypt-for-sneak-ascii new file mode 100755 index 0000000..cabd83e --- /dev/null +++ b/bin/encrypt-for-sneak-ascii @@ -0,0 +1,39 @@ +#!/bin/bash + +set -x + +KEYSERVER="hkps.pool.sks-keyservers.net" +#KEYSERVER="pgp.mit.edu" + +KEYS="" +KEYS+=" 5539AD00DE4C42F3AFE11575052443F4DF2A55C2" #sneak@sneak.berlin +KEYS+=" FF2530A4F3F152E8865FC17CA833B7CE3F2CC6FC" #JP Yubi 6192 +KEYS+=" 078BBD04FBE35D665180EF8A476509F749BFD1AD" #JP Yubi 2811 +KEYS+=" 7D1123A022FC90DF389EC65F233196C180B1C28F" #JP Yubi 6643 +KEYS+=" F5A3A83B9E65EA3E1A2A48E5FDA763BDDCFAB8AC" #Yubikey 4928206 20160927 +KEYS+=" B044B27DCB86641AFE3AB274779D07C54EB7CF85" #Yubikey 4953582 20160927 +#KEYS+=" 3FF8DE63855070F8B9CB0D9A67B4CD26470681DA" #Yubikey 4CNano 06931602 20171018 + +KEYS+=" 1CA168D7E842DFD1745815006F291E6D9AA87738" +KEYS+=" 726D577AFB82E64049B62A8DA763B92AD841A706" # Yubi 7192344 20180613 pris +KEYS+=" 04630E42D244BC80717D28D51280F730A9AD633C" +KEYS+=" 5D48805E38B8C2E04103C7728CBD64834BC043EA" +KEYS+=" 8904EE6400E7B7409CE00AA92084C4563F360B45" +KEYS+=" FE65DB157D8BF9E4FEDF50DA927353E2C4507A5B" +KEYS+=" 27CF8E00190D7AF340D8AE55A6C1C5C2083CB579" + +GARGS="" +GARGS+=" -a" +GARGS+=" --trust-model always" +#GARGS+=" --compress-algo bzip2" +GARGS+=" --compress-algo none" +#GARGS+=" --bzip2-compress-level 9" + +for KEY in $KEYS ; do + if ! gpg --list-key $KEY 2>&1 > /dev/null ; then + gpg --recv-key --keyserver $KEYSERVER $KEY + fi + GARGS+=" -r $KEY" +done + +gpg $GARGS --encrypt "$*" diff --git a/bin/unlock-las1 b/bin/unlock-las1 deleted file mode 100755 index 7b24bf0..0000000 --- a/bin/unlock-las1 +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -KEYFILE="$HOME/Documents/sync/secrets/luks/las1.eeqj.de.luks.txt.gpg" - -if [[ ! -e "$KEYFILE" ]]; then - echo "wrong box!" >> /dev/stderr - exit 1 -fi - -gpg -d "$KEYFILE" | ssh root@las1.local "bash /root/unlock_disks" diff --git a/bin/unlock-syncpi-alpha b/bin/unlock-syncpi-alpha deleted file mode 100755 index 276de66..0000000 --- a/bin/unlock-syncpi-alpha +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -KEYFILE="$HOME/Documents/sync/secrets/luks/syncpi-las1-alpha.luks.gpg" - -if [[ ! -e "$KEYFILE" ]]; then - echo "wrong box!" >> /dev/stderr - exit 1 -fi - -gpg -d "$KEYFILE" | ssh root@syncpi-las1-alpha.local "bash /root/unlock_disks" diff --git a/bin/unlock-syncpi-bravo b/bin/unlock-syncpi-bravo deleted file mode 100755 index ea4c71d..0000000 --- a/bin/unlock-syncpi-bravo +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -KEYFILE="$HOME/Documents/sync/secrets/luks/syncpi-las1-bravo.luks.gpg" - -if [[ ! -e "$KEYFILE" ]]; then - echo "wrong box!" >> /dev/stderr - exit 1 -fi - -gpg -d "$KEYFILE" | ssh root@syncpi-las1-bravo.local "bash /root/unlock_disks" diff --git a/bin/unlock-syncpi-las2 b/bin/unlock-syncpi-las2 deleted file mode 100755 index a10a48d..0000000 --- a/bin/unlock-syncpi-las2 +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -KEYFILE="$HOME/Documents/sync/secrets/luks/syncpi-las2.luks.txt.gpg" - -if [[ ! -e "$KEYFILE" ]]; then - echo "wrong box!" >> /dev/stderr - exit 1 -fi - -gpg -d "$KEYFILE" | ssh root@syncpi-las2.tor "bash /root/unlock_disks" diff --git a/homedir.makefile/Makefile b/homedir.makefile/Makefile index 19543e2..e02edb2 100644 --- a/homedir.makefile/Makefile +++ b/homedir.makefile/Makefile @@ -3,6 +3,8 @@ JUNKFILES += .gdb_history .mysql_history .sqlite_history BREWPACKAGES := mosh duplicity pv offlineimap wget nmap tor torsocks YYYYMM := $(shell date +%Y%m) +HACKSREPO := ~/.paths/sneak-scratch/dev/hacks/ + NO_COLOR = \033[0m O1_COLOR = \033[0;01m O2_COLOR = \033[32;01m @@ -79,3 +81,12 @@ remotebackup: packages: brew install $(BREWPACKAGES) + +# this copies instead of linking because the 'hacks' repo is part of the +# sneak-sync shared folder which is synced with machines off-prem +# and they are not allowed impending RCE on workstations + +update: + cat $(HACKSREPO)/homedir.makefile/Makefile > Makefile + brew upgrade + diff --git a/osmstatic/index.html b/osmstatic/index.html new file mode 100644 index 0000000..465ae29 --- /dev/null +++ b/osmstatic/index.html @@ -0,0 +1,37 @@ + + + + +