sgpg 0.1.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 19adec4c32f7a7b0b3f373eb969cb1f94f11b2018c0560fb87fe08273b14589e
-  data.tar.gz: 6df240ec47463524f39b8d771bce155f35ce32ccc135b6fdd9525c62c76afc08
+  metadata.gz: c2df301c36de68352a30454b4024038d9e7efa8816f6db7e332f250d40fdc607
+  data.tar.gz: 38f42188aec8bb77a2ab31f84d446427c1112c7a0a2cb829cafc6839ad71cf5a
 SHA512:
-  metadata.gz: '095ce5720c3bd485cfc290025c83d9e906ce8fab073a850ad592e63216dcb6b211326904ea72e030324ebebbda87b86292350556c2f952d54d171ab086c86ebb'
-  data.tar.gz: 7e7632fced693a9f7e162184d91e525b735d5650010bc9a00f5a97b730cdf1af9a5adfac566078b00d9cf27c438d4e7913f71d6c0edf54935622e7379f3ed1b1
+  metadata.gz: cc7c9e9530164fbab117cab1b255b59c3d20cb26b6996967f549041eabe4dc6a8c638c2ebea953ed58dcbfd540403d7fe17d0295499d7dc1f78047ddfa4c0ce6
+  data.tar.gz: 59dd16d8b4bb1327f683a887377c4ad35d63c6a0dbec57156b19766ccf6470624d18ca676aafb9f75351ff003ae0a153ea84508c70de4a6a4336ba9b618b8f1d

data/CHANGELOG.md

@@ -1,3 +1,30 @@
+## 1.0.0 - Oct. 2025
+
+- New CLI options, `--encrypt`, `--no-encrypt`, `--export-pass`, `--import-pass`.
+- Update the destination to `/mnt/sgpg/`. Use `/mnt/sgpg/Persistent` only if the directory exist (compatible with [Tail Linux](https://tails.net/doc/persistent_storage/index.en.html)).
+- Create a directory `/mnt/sgpg/<key-name>/` for each key.
+- Can save (export/import) passwords from [pass](https://www.passwordstore.org/) by incremental save
+
+### Bug fixes
+
+- Correct permission when move archive, we can't list keys with wrong permissions.
+- Don't check for `*.cert` when create archives, only `*.key`
+- Correct the last element returned from array for `--last-lesser` or `--last-master`
+
+### Manual intervention
+
+For those using a previous version, they need to manually import the last master key and re export keys:
+
+    sgpg --path-key /mnt/sgpg/<keymaster>.tar --edit-key
+    sgpg --export
+
+## 0.1.0, release 09/10/24
+
+- New `.github/workflow` to publish package on GitHub.
+- New command line options
+- `--disk-encrypt` if need to use `cryptsetup` or not.
+- `--export` create master and lesser archive.
+
 ## 0.0.1, release 07/27/24
-* Initial push, code freeying !
-"
+
+- Initial push, code release!

data/README.md

@@ -1,31 +1,43 @@
-# Sgpg
-Short gpg, tool for manage your gpg key (backup tarball, unprivileged keys, etc)
+# sGPG
 
-Followed my [post](https://szorfein.github.io/gpg/build-secure-gpg-key/) to
-create a secure gpg key, i need to update my key all the 6 month on each PC
- and each time, it's very very annoying so i build this tool to gain in time
- and sanity :).
+<div align="center">
+<br/>
+
+[![Gem Version](https://badge.fury.io/rb/sgpg.svg)](https://badge.fury.io/rb/sgpg)
+
+</div>
+
+Short GnuPG, tool for manage your GPG key (backup tarball, unprivileged keys, etc)
 
-So with this tool, 'i,you,we' should use no more than 3 commands max instead of 50...
+Followed my [post](https://szorfein.github.io/gpg/build-secure-gpg-key/) to
+create a secure GnuPG key, I need to update my keys all the 6 month on each PC.
+It's a very annoying task without scripts so I've develop this tool in
+Ruby to gain in time and mental sanity :).
 
-You always need to create a gpg key as well
+To start, you always need to owm/create a GnuPG key as well.
 
     gpg --expert --full-generate-key
 
-## Install sgpg locally
+## Install sGPG locally
+
+    gem install --user-install sgpg
 
-    gem install sgpg
+You also need to install some dependencies:
 
-You also need to install dependencies: tar, cryptsetup, shred and gpg.
+- Tar
+- Cryptsetup (if you want to encrypt/decrypt the disk)
+- Shred (to remove the master key efficiently)
+- And GnuPG of course.
 
-## Configure
-The config is located at ~/.config/sgpg/config.yml. You can use the command line with `--save`:
+## Optional configuration
 
-    sgpg --disk /dev/sdc2 --disk-encrypt --key szorfein@protonmail.com --save
+The config file is located at `~/.config/sgpg/config.yml`. You can use the command line with `--save`:
+
+    sgpg --disk /dev/sdc2 --encrypt --key szorfein@protonmail.com --save
 
 You can register the disk/by-id or disk/by-uuid if you prefer.
 
-    sgpg --disk /dev/disk/by-id/wmn-0xXXXX-part2 --disk-encrypt --save
+    sgpg --disk /dev/disk/by-id/wmn-0xXXXX-part2 --encrypt --save
 
 ## Usage
 
@@ -34,17 +46,37 @@ You can register the disk/by-id or disk/by-uuid if you prefer.
 When subkeys expire:
 
     sgpg --last-master --edit-key # update expired keys, change password, etc...
-    sgpg --export
+    sgpg --export # create master and lesser archive
     sgpg --close # unmount and close disk
 
-Import the last unpriviliged key (laptop and other)
+Import the last unprivileged key (laptop and other)
 
     sgpg --last-lesser --edit-key # trust (555)
     sgpg --close # unmount and close disk
 
+Manually choose an archive
+
+    sgpg --open # mount disk
+    sgpg --path-key /mnt/sgpg/Persistent/archive.tar --edit-key
+
+Export your passwords created with the [pass](https://www.passwordstore.org/) tool:
+
+    sgpg --open # mount disk
+    sgpg --key szorfein@protonmail.com --export-pass
+    sgpg --close
+
+## About
+
+About GnuPG security in brief and what's this tool help you to manage:
+
+- You don't need a passphrase to protect your master key (if your follow all advice)
+- Never store your master key on your computer, store it on an encrypted device.
+- Always use an unprivileged key on your working machine.
+- Create short live keys for Sign, Encrypt and Auth, maximum 6 month (less is better).
+- When importing your master keys, (try to) be offline.
+
 ## Gem push
 
     gem login
     gem build sgpg.gemspec
     gem push sgpg-0.0.1.gem
-

data/bin/sgpg

@@ -16,11 +16,15 @@ OptionParser.new do |opts|
     options[:disk] = dev
   end
 
-  opts.on('--disk-encrypt', 'If we need to use cryptsetup to open the disk.') do
+  opts.on('--encrypt', 'If we need to use cryptsetup to open the disk.') do
     options[:crypted] = true
   end
 
-  opts.on('-k', '--key NAME', 'Use the key name, default use ENV["USER"]') do |name|
+  opts.on('--no-encrypt', 'Disable disk encryption.') do
+    options[:crypted] = false
+  end
+
+  opts.on('-k', '--key NAME', 'Specify the GPG key to use') do |name|
     options[:keyname] = name
   end
 
@@ -32,11 +36,7 @@ OptionParser.new do |opts|
     Sgpg.list_keys(options[:keyname])
   end
 
-  opts.on('-o', '--open', "Open and mount device disk at #{Sgpg::MOUNTPOINT}.") do
-    Sgpg.open(options[:disk], options[:crypted])
-  end
-
-  opts.on('-p', '--path-key PATH', 'use archive PATH') do |path|
+  opts.on('-p', '--path-key PATH', 'Use archive PATH') do |path|
     raise "path #{path} didn't found" unless File.exist? path
 
     options[:keypath] = path
@@ -46,15 +46,19 @@ OptionParser.new do |opts|
     options[:keypath] = Sgpg.last_key(options, 'master')
   end
 
-  opts.on('--last-lesser', 'Use the last archive lesser (unpriviliged)') do
+  opts.on('--last-lesser', 'Use the last archive lesser (secure key with no privileges)') do
     options[:keypath] = Sgpg.last_key(options, 'lesser')
   end
 
+  opts.on('-o', '--open', "Open and mount device disk at #{Sgpg::MOUNTPOINT}.") do
+    Sgpg.open(options[:disk], options[:crypted])
+  end
+
   opts.on('-c', '--close', 'Unmount and close disk device.') do
     Sgpg.close(options[:disk], options[:crypted])
   end
 
-  opts.on('-s', '--save', 'Save current optargs in the config file') do
+  opts.on('-s', '--save', 'Save current cli options in the config file') do
     config_file.save(options)
   end
 
@@ -62,11 +66,20 @@ OptionParser.new do |opts|
     Sgpg::Main.export_secret(options)
     Sgpg::Main.lesser_keys(options)
   end
+
+  opts.on('--export-pass', 'Export your password-store from pass.') do
+    Sgpg::Main.incremental_export(options[:keyname])
+  end
+
+  opts.on('--import-pass', 'Import your password-store from pass.') do
+    Sgpg::Main.incremental_import(options[:keyname])
+  end
+
+  opts.on('-v', '--version', 'Display the current version.') do
+    puts "sgpg v#{Sgpg::VERSION}"
+    exit
+  end
 end.parse!
 
 raise 'no disk to use' if !options[:disk] || options[:disk] == ''
 raise 'no key to use' if !options[:keyname] || options[:keybase] == ''
-
-puts config_file
-
-puts "Sgpg v.#{Sgpg::VERSION}"

data/lib/sgpg/archive.rb

@@ -6,14 +6,16 @@ module Sgpg
   # Interact with program tar from unix
   class Archive
     # Code here
-    def initialize(key, name = ENV['USER'])
+    def initialize(key, name = nil)
+      raise ArgumentError, "No #{name}..." unless name
+
       @key = key || ''
       @name = name
       @date = Time.now.strftime('%Y-%m-%d')
       puts "create key #{@name}-#{@date}-master.tar"
       FileUtils.mkdir_p Sgpg::WORKDIR
       @gpg = Gpg.new(@name)
-      # make it compatabble with Tails Linux
+      # Make it compatible with Tails Linux
     end
 
     def create_master_tar
@@ -57,20 +59,42 @@ module Sgpg
       mv(tar, pathdir)
     end
 
+    # Tail Linux create an encrypted partition with a directory named Persistent
+    def move_to_disk
+      dest = Helper.search_dest
+      final_dest = "#{dest}/#{@name}" # we add the key name
+
+      Helper.mkdir(final_dest)
+      Helper.chmod('0777', final_dest)
+
+      tar = Dir.glob("#{Sgpg::WORKDIR}/*.tar")
+      raise 'No archive found.' unless tar.length >= 1
+
+      mv(tar, final_dest)
+    end
+
     private
 
     def import_secret(keys)
-      keys.each { |k| system('gpg', '-a', '--import', k) if k.match(/secret/) }
+      keys.each do |k|
+        puts "importing secret #{k}..."
+        system('gpg', '-a', '--yes', '--import', k) if k.match?(/secret/)
+      end
     end
 
     def import_public(keys)
-      keys.each { |k| system('gpg', '-a', '--import', k) if k.match(/public/) }
+      keys.each do |k|
+        puts "importing public #{k}..."
+        system('gpg', '-a', '--yes', '--import', k) if k.match?(/public/)
+      end
     end
 
-    # suffix should be 'master' or 'lesser' (keys without privilege)
+    # Suffix should be 'master' or 'lesser' (keys without privilege)
     def create_tar(suffix = 'master')
       if suffix == 'master'
-        system("tar -cf #{@name}-#{@date}-#{suffix}-keys.tar *.key revocation.cert")
+        # In theory, you can create the certificate any time as you have the master key
+        #system("tar -cf #{@name}-#{@date}-#{suffix}-keys.tar *.key *.cert")
+        system("tar -cf #{@name}-#{@date}-#{suffix}-keys.tar *.key")
       else
         system("tar -cf #{@name}-#{@date}-#{suffix}-keys.tar *.key")
       end
@@ -78,13 +102,10 @@ module Sgpg
 
     def mv(tar, pathdir)
       puts "Moving archive at #{pathdir}..."
-      case Helper.auth?
-      when :root
-        tar.each { |f| FileUtils.mv(f, "#{pathdir}/#{f}") }
-      when :sudo
-        tar.each { |f| system('sudo', 'mv', f, "#{pathdir}/") }
-      when :doas
-        tar.each { |f| system('doas', 'mv', f, "#{pathdir}/") }
+      tar.each do |f|
+        file = File.basename(f)
+        Helper.mv(f, pathdir)
+        Helper.chmod('0644', "#{pathdir}/#{file}")
       end
     end
   end

data/lib/sgpg/cryptsetup.rb

@@ -3,18 +3,18 @@
 # lib/cryptsetup.rb
 
 module Sgpg
-  # Manipule program cryptsetup
+  # Control program cryptsetup
   class Cryptsetup
     class InvalidDisk < StandardError; end
 
     def initialize(disk)
-      raise "no disk #{disk} specified..." unless disk
+      raise "No disk #{disk} specified..." unless disk
 
       @disk = disk
       @mapname = 'sgpg'
     end
 
-    # tails linux make persistent volume on second partiton 'disk_name'2
+    # Tails Linux make persistent volume on second partition 'disk_name'2
     def open
       check_disk
 
@@ -48,21 +48,21 @@ module Sgpg
 
     private
 
-    def open_with(prefix = '')
+    def open_with(prefix = nil)
       if prefix
-        puts "openning disk #{@disk} with #{prefix}..."
+        puts "Opening disk #{@disk} with #{prefix}..."
       else
-        puts "openning disk #{@disk}..."
+        puts "Opening disk #{@disk}..."
       end
 
-      raise "unable to open #{@disk} #{prefix}" unless
+      raise "Unable to open #{@disk} #{prefix}" unless
         system(prefix, 'cryptsetup', 'open', '--type', 'luks', @disk, @mapname)
     end
 
-    def close_with(prefix = '')
-      puts "closing disk #{@disk}..."
+    def close_with(prefix = nil)
+      puts "Closing disk #{@disk}..."
 
-      raise "closing disk #{@disk} failed" unless
+      raise "Closing disk #{@disk} failed" unless
         system(prefix, 'cryptsetup', 'close', @mapname)
     end
   end

data/lib/sgpg/helper.rb

@@ -10,5 +10,33 @@ module Sgpg
       return :doas if File.exist?('/bin/doas') || File.exist?('/sbin/doas')
       return :sudo if File.exist?('/bin/sudo') || File.exist?('/sbin/sudo')
     end
+
+    def self.mv(src, dest)
+      case auth?
+      when :root then FileUtils.mv(src, dest)
+      when :sudo then system('sudo', 'mv', src, dest)
+      when :doas then system('doas', 'mv', src, dest)
+      end
+    end
+
+    def self.mkdir(path_dir)
+      case auth?
+      when :root then FileUtils.mkdir(path_dir)
+      when :sudo then system('sudo', 'mkdir', '-p', path_dir)
+      when :doas then system('doas', 'mkdir', '-p', path_dir)
+      end
+    end
+
+    def self.search_dest
+      Dir.exist?("#{Sgpg::KEYDIR}/Persistent") ? "#{Sgpg::KEYDIR}/Persistent" : Sgpg::KEYDIR
+    end
+
+    def self.chmod(perm, file_path)
+      case auth?
+      when :root then FileUtils.chmod perm, file_path, verbose: true
+      when :sudo then system('sudo', 'chmod', perm, file_path)
+      when :doas then system('doas', 'chmod', perm, file_path)
+      end
+    end
   end
 end

data/lib/sgpg/incremental.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+require 'fileutils'
+require 'pathname'
+require 'time'
+
+# Exemple: https://peerdh.com/blogs/programming-insights/creating-a-ruby-gem-for-incremental-backup-strategies
+module Sgpg
+  # Incremental save
+  class Incremental
+    attr_accessor :source, :destination, :last_backup_time
+
+    def initialize(source, destination)
+      #raise ArgumentError, 'No dest, missed to mount stockage disk?' unless Dir.exist?(destination)
+
+      @source = source
+      @destination = destination
+      @last_backup_time = read_last_backup_time
+      @need_full_backup = check_time(@last_backup_time)
+    end
+
+    def check_time(time)
+      return false unless time
+
+      t = time
+      t.is_a?(Time)
+    end
+
+    def perform_backup
+      files = @last_backup_time ? files_to_backup : full_backup
+      puts "Incremental backup #{@need_full_backup}"
+
+      copy_directory_structure(files)
+      copy_files(files)
+      write_backup_time
+    end
+
+    private
+
+    def write_backup_time
+      return unless @destination.match?(/sgpg/)
+
+      pn = Pathname.new(@destination)
+      dest = "#{pn.dirname}/last-backup"
+      File.write(dest, Time.now)
+
+      @last_backup_time = Time.now
+      puts "last backup #{@last_backup_time}"
+    end
+
+    def read_last_backup_time
+      return unless @destination.match?(/sgpg/)
+
+      pn = Pathname.new(@destination)
+      dest = "#{pn.dirname}/last-backup"
+      File.exist?(dest) ? Time.parse(File.read(dest)) : nil
+    end
+
+    def full_backup
+      Dir.glob(File.join(@source, '**', '*')).select do |file|
+        File.file?(file)
+      end
+    end
+
+    def files_to_backup
+      Dir.glob(File.join(@source, '**', '*')).select do |file|
+        File.file?(file) && File.mtime(file) > @last_backup_time
+      end
+    end
+
+    # Skip files, only copy directories
+    def copy_directory_structure(files)
+      files.each do |file|
+        new_dir = file.sub(@source, @destination)
+        pn = Pathname.new(new_dir)
+        puts "add dir #{pn.dirname}"
+        FileUtils.mkdir_p(pn.dirname)
+      end
+    end
+
+    def copy_files(files)
+      files.each do |file|
+        #destination_path = File.join(@destination, File.basename(file))
+        destination_path = file.sub(@source, @destination)
+        puts "cpy #{file} to dest #{destination_path}"
+        FileUtils.cp(file, destination_path, preserve: true)
+      end
+    end
+  end
+end

data/lib/sgpg/mount.rb

@@ -38,30 +38,30 @@ module Sgpg
 
     protected
 
-    def open_with(prefix = '')
-      prefix == '' ? create_with_ruby : create_with_system(prefix)
+    def open_with(prefix = nil)
+      prefix ? create_with_ruby : create_with_system(prefix)
 
       raise "Unable to mount #{@disk}" unless
         system(prefix, 'mount', '-t', 'ext4', @disk, Sgpg::MOUNTPOINT)
     end
 
-    def close_with(prefix = '')
+    def close_with(prefix = nil)
       raise "Unable to umount #{@disk}" unless
         system(prefix, 'umount', Sgpg::MOUNTPOINT)
     end
 
     private
 
-    def create_wiht_ruby
+    def create_with_ruby
       FileUtils.mkdir_p Sgpg::MOUNTPOINT
       FileUtils.chown @user, @user, Sgpg::MOUNTPOINT, verbose: true
-      FileUtils.chmod 0644, Sgpg::MOUNTPOINT, verbose: true
+      FileUtils.chmod 0755, Sgpg::MOUNTPOINT, verbose: true
     end
 
     def create_with_system(prefix)
       system(prefix, 'mkdir', '-p', Sgpg::MOUNTPOINT)
       system(prefix, 'chown', "#{@user}:#{@user}", Sgpg::MOUNTPOINT)
-      system(prefix, 'chmod', '0644', Sgpg::MOUNTPOINT)
+      system(prefix, 'chmod', '0755', Sgpg::MOUNTPOINT)
     end
   end
 end

data/lib/sgpg/option.rb

@@ -4,6 +4,6 @@
 
 module Sgpg
   MOUNTPOINT = '/mnt/sgpg' # Better permission than /media/sgpg
-  KEYDIR = "#{MOUNTPOINT}/Persistent" # Tails Linux Comptatible
+  KEYDIR = "#{MOUNTPOINT}"
   WORKDIR = '/tmp/sgpg'
 end

data/lib/sgpg/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Sgpg
-  VERSION = '0.1.0'
+  VERSION = '1.0.0'
 end

data/lib/sgpg/yaml_config.rb

@@ -8,12 +8,12 @@ module Sgpg
     attr_reader :config
 
     def initialize
-      @file_dir = "#{ENV['HOME']}/.config/sgpg"
+      @file_dir = ENV['XDG_CONFIG_HOME'] ? "#{ENV['XDG_CONFIG_HOME']}/sgpg" : "#{ENV['HOME']}/.config/sgpg"
       @filename = 'config.yml'
       @full_path = "#{@file_dir}/#{@filename}"
       @config = {
-        disk: '',
-        keyname: '',
+        disk: nil,
+        keyname: nil,
         crypted: false
       }
     end

data/lib/sgpg.rb

@@ -8,10 +8,11 @@ require_relative 'sgpg/cryptsetup'
 require_relative 'sgpg/mount'
 require_relative 'sgpg/gpg'
 require_relative 'sgpg/archive'
+require_relative 'sgpg/incremental'
 
-# Manage your gpg key easyly
+# Manage your gpg key
 module Sgpg
-  def self.open(disk, is_crypted = false)
+  def self.open(disk, is_crypted = nil)
     return if Dir.glob("#{Sgpg::MOUNTPOINT}/*").length >= 1
 
     puts "Open device #{disk}..."
@@ -23,7 +24,7 @@ module Sgpg
     end
   end
 
-  def self.close(disk, is_crypted = false)
+  def self.close(disk, is_crypted = nil)
     if is_crypted
       Mount.new('/dev/mapper/sgpg').close
       Cryptsetup.new(disk).close
@@ -32,10 +33,13 @@ module Sgpg
     end
   end
 
+  # https://www.rubyguides.com/2017/07/ruby-sort/
   def self.list_keys(keyname)
-    keys = Dir.glob("#{Sgpg::MOUNTPOINT}/Persistent/#{keyname}*.tar")
+    dest = Helper.search_dest
+    dest += "/#{keyname}"
+    keys = Dir.glob("#{dest}/*.tar")
+
     puts "Listing keys for #{keyname}..."
-    keys = Dir.glob("#{Sgpg::MOUNTPOINT}/Persistent/*.tar") if keys == [] || keys == ''
     puts keys
   end
 
@@ -43,19 +47,18 @@ module Sgpg
   def self.last_key(opts, suffix = 'master')
     Sgpg.open(opts[:disk], opts[:crypted])
 
-    keys = Dir.glob("#{Sgpg::KEYDIR}/#{opts[:keyname]}*#{suffix}*.tar").sort
+    dest = Helper.search_dest
+    dest += "/#{opts[:keyname]}"
+    keys = Dir.glob("#{dest}/#{opts[:keyname]}*#{suffix}*.tar").sort
+
     raise 'No keys found' unless keys.length >= 1
 
-    keys[0]
+    keys.last
   end
 
   def self.clear_keys
     return unless Dir.glob("#{Sgpg::WORKDIR}/*.key").length >= 1
 
-    print "Clearing keys located at #{Sgpg::WORKDIR}? (y/n) "
-    choice = gets.chomp
-    return unless choice.match(/^y|^Y/)
-
     puts "Clearing #{Sgpg::WORKDIR}..."
     system("shred -u #{Sgpg::WORKDIR}/*.key")
   end
@@ -71,20 +74,44 @@ module Sgpg
       Sgpg.clear_keys
     end
 
-    # export your real keys and create an archive (tar)
+    # Export your real keys and create an archive (tar)
     def self.export_secret(opts)
       archive = Archive.new(opts[:keypath], opts[:keyname])
       archive.create_master_tar
-      archive.move(Sgpg::KEYDIR)
+      archive.move_to_disk
       Sgpg.clear_keys
     end
 
-    # create an unpriviliged gpg key (no change can be made)
+    # Create an unprivileged GnuPG key (no change can be made)
     def self.lesser_keys(opts)
       archive = Archive.new(opts[:keypath], opts[:keyname])
       archive.create_lesser_tar
-      archive.move(Sgpg::KEYDIR)
+      archive.move_to_disk
       Sgpg.clear_keys
     end
+
+    # Replace 'path/to/source' and 'path/to/destination' with actual paths on your machine. Run the script:
+    # pass store password at ~/.password-store by default
+    def self.incremental_export(keyname)
+      raise ArgumentError, 'incremental_export: No keyname' unless keyname
+
+      src = "#{ENV['HOME']}/.password-store"
+      dest = Helper.search_dest
+      dest += "/#{keyname}/.password-store"
+      puts "Exporting passwords from #{src} to #{dest}..."
+      backup = Incremental.new(src, dest)
+      backup.perform_backup
+    end
+
+    def self.incremental_import(keyname)
+      raise ArgumentError, 'incremental_export: No keyname' unless keyname
+
+      dest = "#{ENV['HOME']}/.password-store"
+      src = Helper.search_dest
+      src += "/#{keyname}/.password-store"
+      puts "Importing passwords from #{src} to #{dest}..."
+      backup = Incremental.new(src, dest)
+      backup.perform_backup
+    end
   end
 end

metadata

@@ -1,18 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: sgpg
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 1.0.0
 platform: ruby
 authors:
 - szorfein
-autorequire:
 bindir: bin
 cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
-  MIIEhTCCAu2gAwIBAgIBATANBgkqhkiG9w0BAQsFADBEMREwDwYDVQQDDAhzem9y
+  MIIEPDCCAqSgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBEMREwDwYDVQQDDAhzem9y
   ZmVpbjEaMBgGCgmSJomT8ixkARkWCnByb3Rvbm1haWwxEzARBgoJkiaJk/IsZAEZ
-  FgNjb20wHhcNMjMxMDIzMTcyMTA4WhcNMjQxMDIyMTcyMTA4WjBEMREwDwYDVQQD
+  FgNjb20wHhcNMjUxMDI2MTQyNTU2WhcNMjYxMDI2MTQyNTU2WjBEMREwDwYDVQQD
   DAhzem9yZmVpbjEaMBgGCgmSJomT8ixkARkWCnByb3Rvbm1haWwxEzARBgoJkiaJ
   k/IsZAEZFgNjb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCqe1yx
   EG2oM25jeHp08A8zkaDNmbI3MujjrRM/WPEYZX2dVwOxkIS20hQVuxcAsBBA4W/W
@@ -23,20 +22,18 @@ cert_chain:
   xI2/BnS8zOsS6Te08iLxqZfI/lsG8wcPduekSetRI4VIOZ5QoRK54PiQjrOBhbnD
   OQBB/XF1C80imZtRtdUqh6bK9WeWI4RYZ2/KwXL1AScEbXkBkkOECWoVrD18WgRm
   siuX6RkNIelhtb0En7f3bizgPqlO0qPQV+wPi9TSBxdVG12C0OmjCQYMQD0CAwEA
-  AaOBgTB/MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBTlKnQ3qMUF
-  zydvZaKwdP+dnj2uajAiBgNVHREEGzAZgRdzem9yZmVpbkBwcm90b25tYWlsLmNv
-  bTAiBgNVHRIEGzAZgRdzem9yZmVpbkBwcm90b25tYWlsLmNvbTANBgkqhkiG9w0B
-  AQsFAAOCAYEAFjnBWWfaMeA8hP0Q76WmBCFckGN5I42X5RQkVYRRXIaeXIS1td/t
-  O1v1iQLo6ABfASMi6We7T16+ita68xwNOmSkMNHHXBr/fdGbHExxFSX7BXNRbwla
-  SS6Vy0bXKMDJbXcvkrmIolpYhEFm1218FCRCT6ogM1oWAJAfhfF9pMeRxrxjQYFn
-  ko8XgjIHxb83miOILgdq/lgJ4gfD7PsGfJtLCLiCKCcxIb4TtmKAzRwCDVpb6wqM
-  5xJZffAmHI7v8lVer53sPzm3INPu5xFZyfZ/SXYXPKKwln0efH63K5vuXYwEN7NI
-  SBSRTN03Hb65t86m6/r084SrNnLntQjCSqApzFBt1QwJ5cmiVilODN4V7y2hZpyK
-  hSk3b2VOotDPiWIm1p/IPXQDfm5x67Z5fJQPAlBTsse4jKyVyW1lZLmERSBuRZ2O
-  urXgRIzALxd/xazPCnoLSXPzfJSI6Y77S1EBvhPd9RaSO8IyH9RhPDP9mnTvW2Kl
-  NAUnoL+txK5a
+  AaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFOUqdDeoxQXP
+  J29lorB0/52ePa5qMA0GCSqGSIb3DQEBCwUAA4IBgQAW22kVqz92sKW7thsKrW2i
+  BwVahsopgVLIUqp7sT+nL6Jw1QWCxolDwSToWFo0XuwbNdqCuGRBM+IzhWmCcA0e
+  WoHAPGQAhKz5jCWJ9GwgWbttYNrZ/PkyzKlT+15itMVeEEKxcqvfVFkdTXvTtliP
+  h75zR66tpFPjOejy+YD0uSPWbR/Nskf4BaMFso7mEr+5nOfzj0+Emy3MikHMm7uo
+  qZEazJO4XlmQWI2O7skt/SkE6xiZDQeCADZ4NXxBNzKkxKpozBXSeBKNUi21y9zR
+  3PGUOg6fCZt5H3kSffrvtycOnAu/FRNrQUxKRHLJKez8d7zJH64sBdldm5fZJu1O
+  pzUhdmhxa/brsIYFPPsjw0PminqSEmFahOoGyph8lw1IYu6UskIlB+J1BLZxsPkJ
+  6+fmQQAYvIhUQH+pOPELkGGo+bQMpCLb4i97kyzbOjJqAFKsgqgCOtvUC4yUZRNb
+  YulAM0cmmcfbzWUxsyAoCp9mY227qQZpGv6dDgv4IbA=
   -----END CERTIFICATE-----
-date: 2024-09-10 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies: []
 description: "    Short gpg, tool for manage your gpg key (backup tarball, unprivileged
   keys, etc...)\n"
@@ -56,6 +53,7 @@ files:
 - lib/sgpg/cryptsetup.rb
 - lib/sgpg/gpg.rb
 - lib/sgpg/helper.rb
+- lib/sgpg/incremental.rb
 - lib/sgpg/mount.rb
 - lib/sgpg/option.rb
 - lib/sgpg/version.rb
@@ -70,7 +68,6 @@ metadata:
   source_code_uri: https://github.com/szorfein/sgpg
   wiki_uri: https://github.com/szorfein/sgpg/wiki
   funding_uri: https://patreon.com/szorfein
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -89,8 +86,7 @@ requirements:
 - cryptsetup
 - shred
 - tar
-rubygems_version: 3.3.25
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Short gpg, tool for manage your gpg key (backup tarball, unprivileged keys,
   etc...)