Optionally recover keys from a master keydrive during interactive install

2016-10-27 14:21:37 +01:00 · 2016-10-27 14:21:37 +01:00 · f57f273519
parent 8cc9916d9c
commit f57f273519
2 changed files with 30 additions and 4 deletions
--- a/src/freedombone-config
+++ b/src/freedombone-config
@ -1067,6 +1067,7 @@ function interactive_config {
    choose_dynamic_dns
    choose_default_domain_name
    choose_email_address
+    interactive_key_recovery

    # delete the temporary configuration file
    if [ -f temp.cfg ]; then
--- a/src/freedombone-utils-keys
+++ b/src/freedombone-utils-keys
@ -126,10 +126,19 @@ function interactive_gpg_from_usb {
            fi
        fi

+        if [ -d $GPG_USB_MOUNT/letsencrypt ]; then
+            if [ ! -d /etc/letsencrypt ]; then
+                mkdir /etc/letsencrypt
+            fi
+            echo $'Recovering LetsEncrypt keys'
+            cp -r $GPG_USB_MOUNT/letsencrypt/* /etc/letsencrypt
+        fi
+
        if [ -d $GPG_USB_MOUNT/.gnupg ]; then
            if [ ! -d $HOME_DIR/.gnupg ]; then
                mkdir $HOME_DIR/.gnupg
            fi
+            echo $'Recovering GPG keys'
            cp -r $GPG_USB_MOUNT/.gnupg/* $HOME_DIR/.gnupg
            GPG_LOADING="no"
            dialog --title $"Recover Encryption Keys" \
@ -170,14 +179,14 @@ function interactive_gpg_from_remote {
    ${PROJECT_NAME}-remote -u $MY_USERNAME -l $REMOTE_SERVERS_LIST -t "Remote server"

    if [ ! -f $REMOTE_SERVERS_LIST ]; then
-        dialog --title $"Encryption keys" --msgbox $'Error obtaining server list' 6 70
+        dialog --title $"Encryption Keys Recovery" --msgbox $'Error obtaining server list' 6 70
        return 1
    fi

    # check the number of entries in the file
    no_of_servers=$(cat $REMOTE_SERVERS_LIST | wc -l)
    if (( no_of_servers < 3 )); then
-        dialog --title $"Encryption keys" \
+        dialog --title $"Encryption Keys Recovery" \
               --msgbox $'There must be at least three servers to recover the key' 6 70
        return 2
    fi
@ -186,11 +195,11 @@ function interactive_gpg_from_remote {
    apt-get -yq install libgfshare-bin gnupg
    ${PROJECT_NAME}-recoverkey -u $MY_USERNAME -l $REMOTE_SERVERS_LIST
    if [ ! "$?" = "0" ]; then
-        dialog --title $"Encryption keys" --msgbox $'Your key could not be recovered' 6 70
+        dialog --title $"Encryption Keys Recovery" --msgbox $'Your key could not be recovered' 6 70
        return 3
    fi

-    dialog --title $"Encryption keys" --msgbox $'Your key has been recovered' 6 70
+    dialog --title $"Encryption Keys Recovery" --msgbox $'Your key has been recovered' 6 70

    return 0
 }
@ -227,4 +236,20 @@ function interactive_gpg {
    done
 }

+function interactive_key_recovery {
+    data=$(tempfile 2>/dev/null)
+    trap "rm -f $data" 0 1 2 5 15
+
+    dialog --title $"Encryption Keys Recovery" \
+           --backtitle $"Freedombone Configuration" \
+           --defaultno \
+           --yesno $"Do you wish to recover your previous encryption keys from a USB master keydrive?" 7 60
+    sel=$?
+    case $sel in
+        1) return;;
+        255) return;;
+    esac
+    ${PROJECT_NAME}-recoverkey -u $MY_USERNAME
+}
+
 # NOTE: deliberately there is no "exit 0"