exhumation_tools/exhumate.sh

#!/usr/bin/env bash

set -e
set -o pipefail

[ -n "$1" ] || { echo "error: Provide a beacon address" >&2; exit 1; } 
BEACON="$1"

[ -n "$FSOCIETY_TELEGRAM_BACKUP_N" ] || { echo "error: N env var not set." >&2; exit 1; }
[ -n "$FSOCIETY_TELEGRAM_BACKUP_LOCATION" ] || { echo "error: N env var not set." >&2; exit 1; }

ALPHABET="0 1 2"
BEACONPORT="60666"
WORKDIR="/run/user/$UID/ftb"
ZIPPED_KEYS="$FSOCIETY_TELEGRAM_BACKUP_LOCATION/fsociety-archive-secret-slot$FSOCIETY_TELEGRAM_BACKUP_N.zip.gpg"
TOMB="$FSOCIETY_TELEGRAM_BACKUP_LOCATION/fsociety-archive-2024-01-05.img"


cleanup() {
    sudo umount ./backup
    sudo cryptsetup close /dev/mapper/fsociety_backup

    sudo sudo chattr +i "$TOMB" "$ZIPPED_KEYS"
    rm -rfd "$WORKDIR"
}
trap cleanup EXIT

check_dependency() {
    command -v $1 > /dev/null || { echo "error: $1 not found" >&2; exit 1; }
}
check_dependencies() {
    for dep in "$@"; do
        check_dependency "$dep"
    done
}
check_dependencies "firefox" "ncat" "gpg" "cryptsetup" "unzip" "shred" 


[ ! -e "$WORKDIR" ] || { echo "error: Delete $WORKDIR." >&2; exit 1; }
mkdir -p "$WORKDIR"
cd "$WORKDIR"

sudo sudo chattr -i "$TOMB" "$ZIPPED_KEYS"

gpg -d "$ZIPPED_KEYS" > keys.zip
unzip keys.zip
HEADER="$WORKDIR/fsociety-archive-secret-slot$FSOCIETY_TELEGRAM_BACKUP_N/header$(echo $ALPHABET | tr " " $'\n' | grep -v "^$FSOCIETY_TELEGRAM_BACKUP_N$" | sed 's/^/-slot/' | tr -d $'\n').luks-header"

ncat -v --ssl "$BEACON" "$BEACONPORT" </dev/null | gpg -d | sudo cryptsetup open --header "$HEADER" --key-file - "$TOMB" fsociety_backup

rm -rfd *

mkdir backup
sudo mount -o ro /dev/mapper/fsociety_backup backup

FFPROFILE="$WORKDIR/ff-$$.$RANDOM.d"
mkdir -p "$FFPROFILE"
firefox -profile "$FFPROFILE" --no-remote ./backup/messages.html
find "$FFPROFILE" -type f -exec shred {} \;

cleanup()

echo "I go to my fathers... in whose mighty company... I shall not now feel ashamed."