33 lines
826 B
Bash
Executable File
33 lines
826 B
Bash
Executable File
#!/bin/bash -e
|
|
# Mostly inspired from https://earthly.dev/blog/creating-and-hosting-your-own-deb-packages-and-apt-repo/#pgp-gpg-and-gnupgp
|
|
|
|
if [ -f "signing.key" ]; then
|
|
echo "signing.key exists, refuse to override" 1>&2
|
|
exit 1
|
|
fi
|
|
|
|
# Create temporary directory
|
|
GNUPGHOME="$(mktemp --directory /tmp/pgpkeys-XXXXXX)"
|
|
export GNUPGHOME
|
|
echo "Creating a temporary keyring at $GNUPGHOME..."
|
|
chmod 700 "$GNUPGHOME"
|
|
|
|
# Create the request
|
|
echo "Key-Type: RSA
|
|
Key-Length: 4096
|
|
Name-Real: supercow signing key
|
|
Name-Email: supercow@example.com
|
|
Expire-Date: 0
|
|
%no-ask-passphrase
|
|
%no-protection
|
|
%commit" > "$GNUPGHOME/batchrequest"
|
|
|
|
# Execute request
|
|
gpg --no-tty --batch --gen-key "$GNUPGHOME/batchrequest"
|
|
gpg --armor --export-secret-keys > signing.key
|
|
|
|
# Cleanup
|
|
echo "Removing temporary keyring at $GNUPGHOME..."
|
|
rm -rf "$GNUPGHOME"
|
|
|