Throw shfmt against bash scripts

Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-03-10 12:47:55 +01:00
parent 76b40bb59b
commit efc8bc4f3c
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
25 changed files with 181 additions and 168 deletions

View file

@ -16,22 +16,21 @@ PASSES="2"
###
###
if ! [ -f "$1" ]
then
echo ""$!" is not a file. Nothing to convert."
exit
if ! [ -f "$1" ]; then
echo ""$!" is not a file. Nothing to convert."
exit
fi
trap cleanup EXIT
cleanup() {
set +e
rm -f "${PASSLOGFILE}-0.log" "${PASSLOGFILE}-0.log.mbtree" "${TEMPFILE}"
set +e
rm -f "${PASSLOGFILE}-0.log" "${PASSLOGFILE}-0.log.mbtree" "${TEMPFILE}"
}
# get creation date
TIMESTAMP=$(stat -l -t "%Y-%m-%d %H:%M:%S" "$1" | awk '{ print $6" "$7 }')
# get betrate
BITRATE=$(ffmpeg -i "$1" 2>&1 |grep bitrate | awk '{print $6}')
BITRATE=$(ffmpeg -i "$1" 2>&1 | grep bitrate | awk '{print $6}')
# set task priority to low
NICE="nice -n 19"
@ -45,29 +44,27 @@ TEMPFILE="$DIRECTORY/.${FILENAME%.*}_${NOW}_ffmpeg.${EXT}"
#METADATA="-metadata creation_time=\"$TIMESTAMP\""
if [ "$PASSES" == "1" ]
then
# 1 pass encoding
$NICE ffmpeg -i "$1" -threads auto -loglevel "$LOGLEVEL" -vcodec libx264 -b:v "${BITRATE}k" -vf yadif=1 -acodec libfaac -ab 192k -ar 48000 -sn -metadata creation_time="$TIMESTAMP" -f mp4 -y "${TEMPFILE}"
if [ "$PASSES" == "1" ]; then
# 1 pass encoding
$NICE ffmpeg -i "$1" -threads auto -loglevel "$LOGLEVEL" -vcodec libx264 -b:v "${BITRATE}k" -vf yadif=1 -acodec libfaac -ab 192k -ar 48000 -sn -metadata creation_time="$TIMESTAMP" -f mp4 -y "${TEMPFILE}"
else
# 2 pass encoding
PASSLOGFILE="$DIRECTORY/.${FILENAME%.*}_${NOW}_ffmpeg"
$NICE ffmpeg -i "$1" -threads auto -loglevel "$LOGLEVEL" -vcodec libx264 -b:v "${BITRATE}k" -vf yadif=1 -pass 1 -passlogfile "$PASSLOGFILE" -an -sn -f rawvideo -y /dev/null
$NICE ffmpeg -i "$1" -threads auto -loglevel "$LOGLEVEL" -vcodec libx264 -b:v "${BITRATE}k" -vf yadif=1 -pass 2 -passlogfile "$PASSLOGFILE" -acodec libfaac -ab 192k -ar 48000 -sn -metadata creation_time="$TIMESTAMP" -f mp4 -y "${TEMPFILE}"
rm "${PASSLOGFILE}-0.log"
rm "${PASSLOGFILE}-0.log.mbtree"
# 2 pass encoding
PASSLOGFILE="$DIRECTORY/.${FILENAME%.*}_${NOW}_ffmpeg"
$NICE ffmpeg -i "$1" -threads auto -loglevel "$LOGLEVEL" -vcodec libx264 -b:v "${BITRATE}k" -vf yadif=1 -pass 1 -passlogfile "$PASSLOGFILE" -an -sn -f rawvideo -y /dev/null
$NICE ffmpeg -i "$1" -threads auto -loglevel "$LOGLEVEL" -vcodec libx264 -b:v "${BITRATE}k" -vf yadif=1 -pass 2 -passlogfile "$PASSLOGFILE" -acodec libfaac -ab 192k -ar 48000 -sn -metadata creation_time="$TIMESTAMP" -f mp4 -y "${TEMPFILE}"
rm "${PASSLOGFILE}-0.log"
rm "${PASSLOGFILE}-0.log.mbtree"
fi
touch -r "$1" "${TEMPFILE}"
if [ -f "${1%.*}.${EXT}" ]
then
mv -f "${TEMPFILE}" "${1%.*}_${NOW}.${EXT}"
echo
echo "File "${1%.*}.${EXT}" already exist, moved to: "${1%.*}_${NOW}.${EXT}""
echo
if [ -f "${1%.*}.${EXT}" ]; then
mv -f "${TEMPFILE}" "${1%.*}_${NOW}.${EXT}"
echo
echo "File "${1%.*}.${EXT}" already exist, moved to: "${1%.*}_${NOW}.${EXT}""
echo
else
mv -i "${TEMPFILE}" "${1%.*}.${EXT}"
mv -i "${TEMPFILE}" "${1%.*}.${EXT}"
fi
exit

View file

@ -2,26 +2,26 @@
case $1 in
backup)
# Backup the trustdb
gpg2 --export-ownertrust > .gnupg/trustdb.txt
backup)
# Backup the trustdb
gpg2 --export-ownertrust >.gnupg/trustdb.txt
# Compile the archive
tar -cvjf - .gnupg/private-keys-v1.d .gnupg/pubring.gpg .gnupg/trustdb.gpg .gnupg/trustdb.txt | gpg2 --output ${HOME}/gnupg_backup.asc --symmetric --armor
;;
# Compile the archive
tar -cvjf - .gnupg/private-keys-v1.d .gnupg/pubring.gpg .gnupg/trustdb.gpg .gnupg/trustdb.txt | gpg2 --output ${HOME}/gnupg_backup.asc --symmetric --armor
;;
restore)
restore)
# Restore the archive
gpg2 --decrypt ${HOME}/gnupg_backup.asc | tar -xvj
# Restore the archive
gpg2 --decrypt ${HOME}/gnupg_backup.asc | tar -xvj
# Restore the owner-trust
gpg2 --import-ownertrust < .gnupg/trustdb.txt
;;
# Restore the owner-trust
gpg2 --import-ownertrust <.gnupg/trustdb.txt
;;
*)
echo "Call me like this: $0 <backup | restore>"
exit 1
;;
*)
echo "Call me like this: $0 <backup | restore>"
exit 1
;;
esac

View file

@ -3,46 +3,55 @@ set -euo pipefail
DEBUG=${DEBUG:-false}
FETCH_INTERVAL=${FETCH_INTERVAL:-3600}
REPOS=( public secret )
REPOS=(public secret)
SSH_KEY=${SSH_KEY:-fafnir}
# Print debug messages if enabled by ${DEBUG}
function debug {
[[ "${DEBUG}" = "false" ]] && return
function debug() {
[[ ${DEBUG} == "false" ]] && return
echo "$@" >&2
}
function join_by { local d=$1; shift; echo -n "$1"; shift; printf "%s" "${@/#/$d}"; }
function join_by() {
local d=$1
shift
echo -n "$1"
shift
printf "%s" "${@/#/$d}"
}
# Wrap git to work with git-dir and work-tree being in other locations
function gwrap {
function gwrap() {
hub --git-dir=${HOME}/.cfg/${REPO} --work-tree=${HOME} $@
}
# Ensure we're connected to network before acting
if ! ( ping -q -c 1 8.8.8.8 >/dev/null ); then
if ! (ping -q -c 1 8.8.8.8 >/dev/null); then
debug "No network connection, not checking"
exit 0
fi
STAT_PARM="-c %Y"
[[ "$(uname -s)" = "Darwin" ]] && STAT_PARM="-f %m"
[[ "$(uname -s)" == "Darwin" ]] && STAT_PARM="-f %m"
NEED_UPDATE=()
# Check repos for updates
for REPO in ${REPOS[@]}; do
LAST_FETCH=0
[ -f ~/.cfg/${REPO}/FETCH_HEAD ] && LAST_FETCH=$(stat ${STAT_PARM} ~/.cfg/${REPO}/FETCH_HEAD)
if [ $(( $(date +%s) - ${LAST_FETCH} )) -gt ${FETCH_INTERVAL} ] || \
if [ $(($(date +%s) - LAST_FETCH)) -gt ${FETCH_INTERVAL} ] ||
[ $(wc -c ~/.cfg/${REPO}/FETCH_HEAD | cut -d' ' -f1) -eq 0 ]; then
vault-sshadd ${SSH_KEY} 2>&1 >/dev/null || { echo "Unable to load key ${SSH_KEY}"; exit 1; }
vault-sshadd ${SSH_KEY} 2>&1 >/dev/null || {
echo "Unable to load key ${SSH_KEY}"
exit 1
}
gwrap fetch -q origin master
fi
LOCAL=$(gwrap rev-parse HEAD)
REMOTE=$(gwrap rev-parse FETCH_HEAD)
if ! [[ "${LOCAL}" = "${REMOTE}" ]]; then
if ! [[ ${LOCAL} == "${REMOTE}" ]]; then
NEED_UPDATE+=("'${REPO}'")
fi
done

View file

@ -1,16 +1,16 @@
#!/bin/bash
# clean_keyring.sh - clean up all the excess keys
# my key should probably be the first secret key listed
mykey=$(gpg --list-secret-keys | grep '^sec' | cut -c 13-20)
if [ -z "$mykey" ]; then
# exit if no key string
echo "Can't get user's key ID"
exit 1
# exit if no key string
echo "Can't get user's key ID"
exit 1
fi
# all of the people who have signed my key
mysigners=$(gpg --list-sigs $mykey | grep '^sig' | cut -c 14-21 | sort -u)
mysigners=$(gpg --list-sigs $mykey | grep '^sig' | cut -c 14-21 | sort -u)
# keep also the keys of persons I'm tracking on keybase.io
keybase_tracks=""
@ -18,23 +18,23 @@ for person in $(keybase list-tracking); do
id=$(keybase id $person 2>&1 | grep "public key fingerprint" | cut -d ':' -f 2 | cut -c 41-50 | sed "s/ //g")
keybase_tracks="$keybase_tracks $id"
done
# keep all of the signers, plus my key (if I haven't self-signed)
keepers=$(echo $mykey $mysigners $keybase_tracks | tr ' ' '\012' | sort -u)
# the keepers list in egrep syntax: ^(key|key|…)
keepers_egrep=$(echo $keepers | sed 's/^/^(/; s/$/)/; s/ /|/g;')
# show all the keepers as a comment so this script's output is shell-able
echo '# Keepers: ' $keepers
# everyone who isn't on the keepers list is deleted
deleters=$(gpg --list-keys | grep '^pub'| cut -c 13-20 | egrep -v ${keepers_egrep})
deleters=$(gpg --list-keys | grep '^pub' | cut -c 13-20 | egrep -v ${keepers_egrep})
# echo the command if there are any to delete
# command is interactive
if [ -z "$deleters" ]; then
echo "# Nothing to delete!"
echo "# Nothing to delete!"
else
echo 'gpg --delete-keys' $deleters
echo 'gpg --delete-keys' $deleters
fi

View file

@ -4,7 +4,7 @@ set -euo pipefail
if [ -e "${HOME}/bin/script_framework.sh" ]; then
source "${HOME}/bin/script_framework.sh"
else
function step { echo $@; }
function step() { echo $@; }
fi
step "Removing containers created / exited >= ~1h ago..."
@ -14,7 +14,7 @@ CONTAINERS=$(docker ps -a | awk '/(hours?|days?|weeks?|months?) ago\s+(Created|E
step "Untagging all images not used by containers..."
PS_OUTPUT=$(docker ps -a)
for img in $(docker images | awk '/^[a-z].*(hours?|days?|weeks?|months?) ago/{ print $1":"$2 }' | grep -v '<none>' | sort | uniq); do
if ! ( echo "${PS_OUTPUT}" | grep -q "\s${img}\s" ) && ! ( echo "${PS_OUTPUT}" | grep -q "\s${img%:latest}\s" ); then
if ! (echo "${PS_OUTPUT}" | grep -q "\s${img}\s") && ! (echo "${PS_OUTPUT}" | grep -q "\s${img%:latest}\s"); then
docker rmi --no-prune "${img}"
fi
done

View file

@ -26,7 +26,7 @@ while getopts "f" opt; do
esac
done
shift $((OPTIND-1))
shift $((OPTIND - 1))
[ "${1:-}" = "--" ] && shift
# --- OPT parsing ---
@ -34,11 +34,14 @@ shift $((OPTIND-1))
if [ -e ${HOME}/bin/script_framework.sh ]; then
source ${HOME}/bin/script_framework.sh
else
function step { echo "$@"; }
function fatal { echo "$@"; exit 1; }
function step() { echo "$@"; }
function fatal() {
echo "$@"
exit 1
}
fi
function config {
function config() {
git --git-dir="${HOME}/.cfg/${repo_name}" --work-tree="${HOME}" $@
}
@ -57,7 +60,7 @@ for repo_name in "${!REPOS[@]}"; do
config config status.showUntrackedFiles no
# Do not overwrite local changes
if ( ! config diff --exit-code 2>&1 >/dev/null ) && [ ${FORCE} -eq 0 ]; then
if (! config diff --exit-code 2>&1 >/dev/null) && [ ${FORCE} -eq 0 ]; then
fatal "Repo '${REPO}' has unsaved changes and force-flag is not set"
fi

View file

@ -1,5 +1,5 @@
#!/bin/bash
for host in $@; do
grep -v ${host} ~/.ssh/known_hosts > ~/.ssh/known_hosts.tmp && mv ~/.ssh/known_hosts.tmp ~/.ssh/known_hosts
grep -v ${host} ~/.ssh/known_hosts >~/.ssh/known_hosts.tmp && mv ~/.ssh/known_hosts.tmp ~/.ssh/known_hosts
done

View file

@ -65,9 +65,9 @@ RUN set -ex \\
EOF
# Allow exposing ports using `-e 3000`
( test "EXPOSE" != "${EXPOSE}" ) && echo -e "${EXPOSE}\n"
(test "EXPOSE" != "${EXPOSE}") && echo -e "${EXPOSE}\n"
# Allow
# Allow
[ -z "${VOLUME}" ] || echo -e "VOLUME [${VOLUME/, /}]\n"
# Execution information

View file

@ -6,10 +6,10 @@ if ! [ -e Makefile ]; then
exit 0
fi
TARGETS=$(make -pRrq : 2>/dev/null | \
awk -v RS= -F: '/^# File/,/^# Finished Make data base/ {if ($$1 !~ "^[#.]") {print $$1}}' | \
sort | egrep -v -e '^[^[:alnum:]]' | sed 's/:$//' | xargs)
TARGETS=$(make -pRrq : 2>/dev/null |
awk -v RS= -F: '/^# File/,/^# Finished Make data base/ {if ($$1 !~ "^[#.]") {print $$1}}' |
sort | egrep -v -e '^[^[:alnum:]]' | sed 's/:$//' | xargs)
if ( echo $TARGETS | grep -q "auto-hook-${HOOKTYPE}" ); then
if (echo $TARGETS | grep -q "auto-hook-${HOOKTYPE}"); then
exec make "auto-hook-${HOOKTYPE}"
fi

View file

@ -20,12 +20,12 @@ git pull --rebase && git submodule update --init --recursive
step "Cleaning local branches..."
for branch in $(git branch --merged | grep -v '^*'); do
# Do not delete master as the main branch
if ( test "${branch}" != "master" ); then
if (test "${branch}" != "master"); then
git branch -d ${branch}
fi
done
step "Removing local branches where remote branch is gone..."
if ( git branch -vv | grep -q ': gone]' ); then
if (git branch -vv | grep -q ': gone]'); then
git branch -vv | awk '/: gone]/{print $1}' | xargs git branch -D
fi

View file

@ -4,13 +4,13 @@
startpath=$(pwd)
for repo in $(find . -name ".git")
do
repodir=$(dirname $repo)
reponame=$(basename $repodir)
cd $repodir; LANG=C git status | grep -q "nothing to commit"
state=$?
cd $startpath
echo -n "$reponame: "
[ $state -eq 0 ] && echo -e "${PR_GREEN}Up-2-date${PR_NC}" || echo -e "${PR_BR_RED}Changes available${PR_NC}"
for repo in $(find . -name ".git"); do
repodir=$(dirname $repo)
reponame=$(basename $repodir)
cd $repodir
LANG=C git status | grep -q "nothing to commit"
state=$?
cd $startpath
echo -n "$reponame: "
[ $state -eq 0 ] && echo -e "${PR_GREEN}Up-2-date${PR_NC}" || echo -e "${PR_BR_RED}Changes available${PR_NC}"
done

View file

@ -1,5 +1,5 @@
#!/bin/bash
for i in "$@"; do
echo "$i" >> .gitignore
echo "$i" >>.gitignore
done

View file

@ -1,10 +1,13 @@
#!/bin/bash
set -euo pipefail
function require_gotool {
function require_gotool() {
toolname=$(basename $1)
if ! ( which ${toolname} >/dev/null 2>&1 ); then
go version || { echo "${basename} not found and no usable go environment"; exit 1; }
if ! (which ${toolname} >/dev/null 2>&1); then
go version || {
echo "${basename} not found and no usable go environment"
exit 1
}
go get -u $1
fi
}
@ -15,7 +18,7 @@ source "${HOME}/.config/vault-user-token"
source "${HOME}/bin/script_framework.sh"
# Check whether a valid token is available
( vault token-lookup >/dev/null 2>&1 ) && exit 0
(vault token-lookup >/dev/null 2>&1) && exit 0
step "Vault is not authenticated, trying to authenticate... "
@ -23,7 +26,10 @@ step "Vault is not authenticated, trying to authenticate... "
rm -f "${HOME}/.vault-token"
VUT=$(pgrep -f vault-user-token || echo "" | xargs)
[ -n "$VUT" ] && { step "Killing old vault-user-token processes..."; kill ${VUT}; }
[ -n "$VUT" ] && {
step "Killing old vault-user-token processes..."
kill ${VUT}
}
# Start new vault-user-token daemon
vault-user-token --full-hostname=false >/dev/null 2>&1 &
@ -34,11 +40,11 @@ while ! [ -f "${HOME}/.vault-token" ]; do
# Give the program a moment to get a token
sleep 0.5
if ! ( kill -0 $VUT ); then
if ! (kill -0 $VUT); then
fail "vault-user-token exitted, giving up."
fi
done
( vault token-lookup >/dev/null 2>&1 ) || fail "Vault authentication failed finally"
(vault token-lookup >/dev/null 2>&1) || fail "Vault authentication failed finally"
success "Vault token became available and is valid"

View file

@ -1,5 +1,5 @@
#!/bin/bash
for key in $(find . -type f | grep -vE "\.(pub|pem)" | grep -vE '(config|authorized_keys|known_hosts)' | sort); do
for key in $(find . -type f | grep -vE "\.(pub|pem)" | grep -vE '(config|authorized_keys|known_hosts)' | sort); do
grep -q ENCRYPTED ${key} || echo "Key unsafe: ${key}"
done

View file

@ -8,7 +8,7 @@ source ${HOME}/bin/script_framework.sh
[ $# -lt 1 ] && fail "You need to supply at least password as argument"
# Check against online API using range request not to disclose the password hash
function check_password {
function check_password() {
checksum=$(echo -n "${1}" | sha1sum | tr 'a-z' 'A-Z')
curl -s https://api.pwnedpasswords.com/range/${checksum:0:5} |
awk -F: "/${checksum:5:35}/{ print \$2 }" | tr -d '\n\r'

View file

@ -3,11 +3,11 @@
source "${HOME}/bin/script_framework.sh"
[ -n "${TMUX}" ] && fail "You are already in tmux!"
( which tmux 2>/dev/null ) || fail "No tmux found, can't continue"
(which tmux 2>/dev/null) || fail "No tmux found, can't continue"
tmux-agent
if ! ( tmux list-sessions ); then
if ! (tmux list-sessions); then
tmux new-session -d
tmux split-window -h
fi

View file

@ -4,27 +4,27 @@ COLOR_CYAN="\033[0;36m"
COLOR_YELLOW="\033[0;33m"
COLOR_PLAIN="\033[0m"
function error {
function error() {
echo -e "${COLOR_RED}$@${COLOR_PLAIN}"
}
function fail {
function fail() {
error "$@"
exit 1
}
function info {
function info() {
echo -e "${COLOR_CYAN}$@${COLOR_PLAIN}"
}
function step {
info "[$(date +%H:%M:%S)] $@"
function step() {
info "[$(date +%H:%M:%S)] $@"
}
function success {
function success() {
echo -e "${COLOR_GREEN}$@${COLOR_PLAIN}"
}
function warn {
function warn() {
echo -e "${COLOR_YELLOW}$@${COLOR_PLAIN}"
}

View file

@ -4,19 +4,19 @@ selfsigned=false
while getopts s opt; do
case $opt in
s)
selfsigned=true
;;
s)
selfsigned=true
;;
esac
done
shift $(( OPTIND - 1 ))
shift $((OPTIND - 1))
domain=$1
openssl genrsa -out ${domain}.key 2048
openssl req -new -sha256 -key ${domain}.key -out ${domain}.csr
if $selfsigned; then
openssl x509 -req -days 365 -in ${domain}.csr -signkey ${domain}.key -out ${domain}.crt
fi

View file

@ -5,17 +5,18 @@ set -e
BASE_PATH=/tmp/system-audit
GIT_DIR=/var/local/system-audit
function collect_hashes {
target=$1; shift
function collect_hashes() {
target=$1
shift
for dir in $@; do
if ! [ -e "${dir}" ]; then
echo "${dir}" >> ${BASE_PATH}/missing
echo "${dir}" >>${BASE_PATH}/missing
wrap_git add --intent-to-add ${BASE_PATH}/missing
continue
fi
find ${dir} -mindepth 1 \( -type f -or -type l \) -print0 | xargs -0 shasum -a 512 >> ${target}
find ${dir} -mindepth 1 \( -type f -or -type l \) -print0 | xargs -0 shasum -a 512 >>${target}
done
if [ -e ${target} ]; then
@ -23,7 +24,7 @@ function collect_hashes {
fi
}
function wrap_git {
function wrap_git() {
git --work-tree=${BASE_PATH} --git-dir=${GIT_DIR} "$@"
return $?
}
@ -44,51 +45,51 @@ fi
case "$1" in
"collect")
# Remove old hash-files
rm -rf ${BASE_PATH}/*
"collect")
# Remove old hash-files
rm -rf ${BASE_PATH}/*
# [OSX / Linux] Changing this script will cause a different behaviour
# so also this needs to be monitored.
collect_hashes ${BASE_PATH}/script $0
# [OSX / Linux] Changing this script will cause a different behaviour
# so also this needs to be monitored.
collect_hashes ${BASE_PATH}/script $0
# [OSX only] LaunchAgents and LaunchDaemons can be used to execute
# programs on behalf of the user or the root user. They may be used
# as attack vectors.
collect_hashes ${BASE_PATH}/agents_daemons /System/Library/LaunchDaemons /Library/LaunchDaemons /System/Library/LaunchAgents /Library/LaunchAgents ~/Library/LaunchAgents
# [OSX only] LaunchAgents and LaunchDaemons can be used to execute
# programs on behalf of the user or the root user. They may be used
# as attack vectors.
collect_hashes ${BASE_PATH}/agents_daemons /System/Library/LaunchDaemons /Library/LaunchDaemons /System/Library/LaunchAgents /Library/LaunchAgents ~/Library/LaunchAgents
# [OSX / Linux ] /etc (or /private/etc on OSX) does contain configuration
# for system applications and might be used to change their behaviour.
collect_hashes ${BASE_PATH}/etc /etc /private/etc
# [OSX / Linux ] /etc (or /private/etc on OSX) does contain configuration
# for system applications and might be used to change their behaviour.
collect_hashes ${BASE_PATH}/etc /etc /private/etc
# [OSX / Linux] Binary folders do contain the executables used by the
# system itself. Exchanging them can cause harm to the system or leak
# data.
collect_hashes ${BASE_PATH}/bin /usr/bin /usr/local/bin ~/bin
;;
# [OSX / Linux] Binary folders do contain the executables used by the
# system itself. Exchanging them can cause harm to the system or leak
# data.
collect_hashes ${BASE_PATH}/bin /usr/bin /usr/local/bin ~/bin
;;
"freeze")
wrap_git commit -S -a -m "Status freeze as of $(date)"
;;
"freeze")
wrap_git commit -S -a -m "Status freeze as of $(date)"
;;
"check")
$0 collect
$0 diff --exit-code
echo "Everything is still in recorded state"
;;
"check")
$0 collect
$0 diff --exit-code
echo "Everything is still in recorded state"
;;
"init")
if [ $($0 log --pretty=format:'%h [%G?]%d %s (%cr) <%an>' --abbrev-commit | wc -l) -gt 0 ]; then
echo "The status was already initialized. Use 'collect' and 'diff' to review the state and 'freeze' to save it"
exit 1
fi
"init")
if [ $($0 log --pretty=format:'%h [%G?]%d %s (%cr) <%an>' --abbrev-commit | wc -l) -gt 0 ]; then
echo "The status was already initialized. Use 'collect' and 'diff' to review the state and 'freeze' to save it"
exit 1
fi
$0 collect
$0 freeze
;;
$0 collect
$0 freeze
;;
*)
wrap_git "$@"
;;
*)
wrap_git "$@"
;;
esac

View file

@ -3,7 +3,7 @@
set -e
set -o pipefail
function unexpose {
function unexpose() {
expose -d 8888
}
trap unexpose EXIT

View file

@ -1,13 +1,12 @@
#!/bin/bash
if ! ( which vault > /dev/null ); then
if ! (which vault >/dev/null); then
error "vault is required."
exit 2
fi
# If we can list the environments there is no need to unlock the database
if ( awsenv list > /dev/null 2>&1 ); then
if (awsenv list >/dev/null 2>&1); then
echo "Database already unlocked."
exit 0
fi
@ -31,11 +30,10 @@ expect eof
EOF
# Check whether awsenv was unlocked
if ( awsenv list > /dev/null 2>&1 ); then
if (awsenv list >/dev/null 2>&1); then
echo "Database unlocked successfully"
exit 0
else
echo "Found passphrase but could not unlock database."
exit 1
fi

View file

@ -21,7 +21,7 @@ HEXPWD=$(echo -n "${PWD}" | str2hex)
for KEYGRIP in $(gpg2 --with-keygrip -k ${KEY} | grep Keygrip | cut -d '=' -f 2 | xargs); do
# Set password for keygrip
if ! ( gpg-connect-agent -q "PRESET_PASSPHRASE ${KEYGRIP} -1 ${HEXPWD}" /bye >/dev/null 2>&1 ); then
if ! (gpg-connect-agent -q "PRESET_PASSPHRASE ${KEYGRIP} -1 ${HEXPWD}" /bye >/dev/null 2>&1); then
echo "An error occurred while caching password in GPG agent"
exit 1
fi

View file

@ -5,7 +5,7 @@ set -o pipefail
source "${HOME}/bin/script_framework.sh"
if ! ( which vault > /dev/null ); then
if ! (which vault >/dev/null); then
error "vault is required."
exit 2
fi
@ -21,7 +21,7 @@ HELPER=$(mktemp)
chmod 0700 ${HELPER}
trap "rm ${HELPER}" EXIT
cat -s <<EOF > ${HELPER}
cat -s <<EOF >${HELPER}
#!/bin/bash
vault read -field=private "/secret/ssh-key/\$1" | exec ssh-add -t 3600 -
EOF
@ -30,7 +30,7 @@ for KEY_NAME in $@; do
fingerprint=$(vault read -field=public "/secret/ssh-key/$1" | ssh-keygen -l -f -)
# If this key is already in the agent we don't need to do anything
if ( ssh-add -l | grep -q "${fingerprint}" ); then
if (ssh-add -l | grep -q "${fingerprint}"); then
info "[${KEY_NAME}] Key already present."
continue
fi

View file

@ -7,4 +7,3 @@ set -o pipefail
source .venv/bin/activate
[ -f requirements.txt ] && pip install -r requirements.txt

View file

@ -1,4 +1,4 @@
#!/bin/bash
find $HOME -type f -name '.gopath' | sed 's!/.gopath$!!' > /tmp/godirs
find $HOME -type f -name '.gopath' | sed 's!/.gopath$!!' >/tmp/godirs
mv /tmp/godirs $HOME/.config/godirs