#!/bin/sh

set -e

# Create a temporary working directory
WORK_DIR=$(mktemp -d -t gpg-backup-XXXXXXXXXX)
trap 'rm -rf "$WORK_DIR"' EXIT
cd "$WORK_DIR"


BACKUP_NAME="$(date +%Y_%m_%d)-keys-backup"

echo Exporting Secret Keys
gpg --export-secret-keys --armor > "$WORK_DIR/secret-keys.asc"

echo Exporting Public Keys
gpg --export --armor > "$WORK_DIR/public-keys.asc"

echo Exporting Trust DB
gpg --export-ownertrust > "$WORK_DIR/trust_db.txt"

echo Files created:
ls -la "$WORK_DIR"

echo Creating backup archive
tar czfv "/tmp/${BACKUP_NAME}.tar.gz" "$WORK_DIR"
echo Created "/tmp/${BACKUP_NAME}.tar.gz"


echo Encrypting backup archive
# AES256 is apparently used by NAS..
gpg --symmetric --cipher-algo AES256 "/tmp/${BACKUP_NAME}.tar.gz"

echo Cleaning up unencrypted file
rm  "/tmp/${BACKUP_NAME}.tar.gz"

echo "Backup created in /tmp/${BACKUP_NAME}.tar.gz.gpg"
echo "If you are connected to NAS run 'cp /tmp/20.. /Volumes/travis/gpg_keys/'"