#!/usr/bin/env nix-shell #! nix-shell -i bash -p bitwarden-cli git gnupg jq nixFlakes # Command failure is script failure set -e BOLD_RED="\e[0;1;31m" BOLD_BLUE="\e[0;1;34m" BOLD_GREEN="\e[0;1;32m" RESET="\e[0m" DEST="$HOME/.config/nixpkgs" BW_SESSION="" warn() { echo -e "${BOLD_RED}$1${RESET}" } info() { echo -e "${BOLD_BLUE}$1${RESET}" } success() { echo -e "${BOLD_GREEN}$1${RESET}" } set_perm() { # $1: destination # $2: permissions chmod "$2" "$1" && success "--> Set permission of $1 to $2" } get_doc() { # $1: name of folder which contains the wanted document # $2: name of the document # $3: destination # $4: permissions local FOLDER_ID local NOTES FOLDER_ID="$(bw list folders | jq '.[] | select(.name == "'"$1"'") | .id' | cut -d'"' -f2)" NOTES="$(bw list items --folderid "$FOLDER_ID" | jq '.[] | select(.name == "'"$2"'") | .notes' | cut -d'"' -f2)" printf "%b" "$NOTES" > "$3" set_perm "$3" "$4" } get_ssh() { mkdir -p "$HOME/.ssh" && info "-> Creating .ssh folder." chmod 700 "$HOME/.ssh" && info "--> Modifying permissions of .ssh folder." get_doc "SysAdmin/SSH" "shared-key-public" "$HOME/.ssh/shared_rsa.pub" 644 get_doc "SysAdmin/SSH" "shared-key-private" "$HOME/.ssh/shared_rsa" 600 } get_pgp() { local KEY KEY=key.asc get_doc "SysAdmin/PGP" "pgp-key-private" "$KEY" 644 gpg \ --pinentry-mode loopback \ --import "$KEY" printf '5\ny\n' | gpg \ --command-fd 0 \ --pinentry-mode loopback \ --edit-key 'Bruno BELANYI' \ trust rm "$KEY" } get_creds() { BW_SESSION="$(bw login --raw)" export BW_SESSION get_ssh get_pgp } setup_gpg() { info 'Setting up loopback pinentry for GnuPG' echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf info 'Signing dummy message to ensure GnuPG key is usable by `git-crypt`' echo whatever | gpg --clearsign --armor --pinentry loopback --output /dev/null } [ -z "$NOCREDS" ] && get_creds [ -z "$NOGPG" ] && setup_gpg nix --experimental-features 'nix-command flakes' develop