Ajout : remote/duplicity .

[lhc/ateliers.git] / remote / duplicity-key-send

diff --git a/remote/duplicity-key-send b/remote/duplicity-key-send
index c576ec9..86290bd 100755 (executable)
--- a/remote/duplicity-key-send
+++ b/remote/duplicity-key-send
@@ -1,19 +1,17 @@
 #!/bin/sh -eu
+# SYNTAX:
+# DESCRIPTION: envoie sur $local_fqdn la clef OpenPGP utilisée par duplicity(1).
 tool=$(readlink -e "${0%/*}/..")
 . "$tool"/remote/lib.sh
 
-PATH=/usr/lib/gnupg2:"$PATH"
+uid=backup+"$local_hostname"@"$local_domainname"
+trap_exit () {
+       "$tool"/remote/gpg-preset-passphrase --forget "$uid"
+ }
+trap trap_exit EXIT
+"$tool"/remote/gpg-preset-passphrase --preset "$uid"
 
-IFS= read -r pass <<-EOF
-       $(gpg --decrypt "$tool"/var/sec/openpgp/backup+"$local_hostname"@"$local_domainname".pass.gpg)
-       EOF
-for fpr in $("$tool"/remote/gpg --list-secret-keys --with-colons --with-fingerprint --with-fingerprint \
- -- "backup+$local_hostname@$local_domainname" | grep '^fpr:' | cut -d : -f 10)
- do gpg-preset-passphrase --preset -v $fpr <<-EOF
-       $pass
-       EOF
- done
-
-"$tool"/remote/gpg --export-options export-reset-subkey-passwd \
- --export-secret-subkeys "backup+$local_hostname@$local_domainname" |
-"$tool"/remote/ssh backup@$local_fqdn gpg --import -
+"$tool"/remote/gpg \
+ --export-options export-reset-subkey-passwd \
+ --export-secret-subkeys "$uid" |
+"$tool"/remote/ssh backup@"$local_fqdn" gpg --import -