|
|
@@ -1,41 +0,0 @@
|
|
|
-#!/usr/bin/env bash
|
|
|
-set -euo pipefail
|
|
|
-
|
|
|
-PASS_BASE="personal/ssh"
|
|
|
-STORE_ROOT="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
|
|
|
-ABS_BASE_PATH="${STORE_ROOT}/${PASS_BASE}"
|
|
|
-
|
|
|
-# Ensure ssh-agent is running
|
|
|
-if [[ -z "${SSH_AUTH_SOCK:-}" ]]; then
|
|
|
- eval "$(ssh-agent -s)"
|
|
|
-fi
|
|
|
-
|
|
|
-# Verify the base path exists
|
|
|
-if [[ ! -d "$ABS_BASE_PATH" ]]; then
|
|
|
- echo "ERROR: Base path not found in pass: $PASS_BASE" >&2
|
|
|
- exit 1
|
|
|
-fi
|
|
|
-
|
|
|
-# Loop through each identity subdirectory
|
|
|
-while IFS= read -r dir; do
|
|
|
- IDENTITY=$(basename "$dir")
|
|
|
-
|
|
|
- # Find the latest .gpg file by name (ISO sort)
|
|
|
- LATEST_FILE=$(find "$dir" -maxdepth 1 -name "*.gpg" -exec basename {} \; \
|
|
|
- | sed 's/\.gpg$//' \
|
|
|
- | sort -r \
|
|
|
- | head -n 1)
|
|
|
-
|
|
|
- if [[ -z "$LATEST_FILE" ]]; then
|
|
|
- continue
|
|
|
- fi
|
|
|
-
|
|
|
- echo "Injecting $IDENTITY ($LATEST_FILE) into ssh-agent..."
|
|
|
-
|
|
|
- # Decrypt and pipe directly to ssh-add
|
|
|
- # The '-' tells ssh-add to read the key from standard input (stdin)
|
|
|
- pass show "${PASS_BASE}/${IDENTITY}/${LATEST_FILE}" | ssh-add - >/dev/null 2>&1
|
|
|
-
|
|
|
-done < <(find "$ABS_BASE_PATH" -mindepth 1 -maxdepth 1 -type d)
|
|
|
-
|
|
|
-echo "Done. All latest keys injected into agent."
|
