52 lines
2.3 KiB
Bash
Executable file
52 lines
2.3 KiB
Bash
Executable file
#!/bin/bash
|
|
# sign-all.sh — Recursive Signature Script
|
|
# Author: Solaria & Mark Randall Havens 🌀
|
|
# Purpose: Automatically GPG-sign all matching files with .asc signatures
|
|
|
|
# ───── CONFIGURABLE OPTIONS ───────────────────────────────────────────────
|
|
EXTENSIONS=("md" "txt") # File types to sign
|
|
RECURSIVE=true # true = recurse into subdirectories
|
|
FORCE=false # true = re-sign even if .asc exists
|
|
SIGNATURE_SUFFIX=".asc" # .asc for armored detached signature
|
|
OUTPUT_LOG="gitfield-signed.log" # Signature log file
|
|
GPG_FLAGS="--armor --detach-sign"
|
|
|
|
# ───── RITUAL HEADER ──────────────────────────────────────────────────────
|
|
echo ""
|
|
echo "🌀 [SIGN-ALL] Beginning recursive signing ritual..."
|
|
echo "📅 Timestamp: $(date)"
|
|
echo "🔑 Using GPG Key: $(gpg --list-secret-keys --with-colons | grep '^uid' | cut -d':' -f10 | head -n1)"
|
|
echo ""
|
|
|
|
# ───── FIND AND SIGN FILES ────────────────────────────────────────────────
|
|
for ext in "${EXTENSIONS[@]}"; do
|
|
if [ "$RECURSIVE" = true ]; then
|
|
FILES=$(find . -type f -name "*.${ext}")
|
|
else
|
|
FILES=$(find . -maxdepth 1 -type f -name "*.${ext}")
|
|
fi
|
|
|
|
for file in $FILES; do
|
|
sigfile="${file}${SIGNATURE_SUFFIX}"
|
|
|
|
if [ -f "$sigfile" ] && [ "$FORCE" = false ]; then
|
|
echo "⚠️ Skipping already signed: $file"
|
|
continue
|
|
fi
|
|
|
|
echo "🔏 Signing: $file"
|
|
gpg $GPG_FLAGS --output "$sigfile" "$file"
|
|
|
|
if [ $? -eq 0 ]; then
|
|
echo "✅ Signed: $file -> $sigfile" | tee -a "$OUTPUT_LOG"
|
|
else
|
|
echo "❌ Error signing: $file" | tee -a "$OUTPUT_LOG"
|
|
fi
|
|
done
|
|
done
|
|
|
|
# ───── WRAP UP ─────────────────────────────────────────────────────────────
|
|
echo ""
|
|
echo "🧾 Log saved to: $OUTPUT_LOG"
|
|
echo "🗝️ To verify: gpg --verify filename${SIGNATURE_SUFFIX}"
|
|
echo "✨ Recursive signature ritual complete."
|