@ -65,19 +65,45 @@ ssh-key-add() {
## ident are unique by construction (they are struct keys)
## ident are unique by construction (they are struct keys)
## but keys need to be also unique
## but keys need to be also unique
declare -A keys
declare -A keys
mkdir -p "${RSYNC_KEY_PATH}/backup/$label"
content="$type $key $email"
content="$type $key $email"
ident="${email##*@}"
ident="${email##*@}"
target="${RSYNC_KEY_PATH}/backup/$label/$ident.pub"
target="${RSYNC_KEY_PATH}/backup/$label/$ident.pub"
if [ -e "$target" ]; then
old_content=$(cat "$target")
if [ "$content" == "$old_content" ]; then
## is key used already ? As key give access to a specified subdir,
## we need to make sure it is unique.
for key_file in "${RSYNC_KEY_PATH}/backup/"*/*.pub; do
[ -e "$key_file" ] || continue
key_content=$(cat "$key_file")
if [ "$type $key" == "${key_content% *}" ]; then
if [ "$key_file" == "$target" ]; then
echo "Provided key already present for '$ident'." >&2
echo "Provided key already present for '$ident'." >&2
return 0
return 0
elif [[ "$key_file" == "${RSYNC_KEY_PATH}/"*"/$label/"*.pub ]]; then
type=${key_file#"${RSYNC_KEY_PATH}/"}
type=${type%"/$label/"*.pub}
key_ident=${key_file##*/}
key_ident=${key_ident%.pub}
echo "Provided key already used as $type key for '$key_ident'." >&2
return 1
else
olabel=${key_file#"${RSYNC_KEY_PATH}/"*/}
olabel=${olabel%/*.pub}
echo "Specified key is already used by '$olabel' account, please pick another one." >&2
return 1
fi
fi
fi
done
mkdir -p "${target%/*}"
if [ -e "$target" ]; then
echo "Replacing key for '$ident'." >&2
echo "Replacing key for '$ident'." >&2
elif [ -e "${RSYNC_KEY_PATH}/backup/"*"/$ident.pub" ]; then
echo "ident '$ident' is already reserved, please pick another one." >&2
elif [ -e "${RSYNC_KEY_PATH}/"*"/"*"/$ident.pub" ]; then
olabel=("${RSYNC_KEY_PATH}/"*"/"*"/$ident.pub")
olabel="${olabel[0]}"
olabel=${olabel#"${RSYNC_KEY_PATH}/"*/}
olabel=${olabel%/*.pub}
echo "ident '$ident' is already reserved by '$olabel', please pick another one." >&2
return 1
return 1
fi
fi
echo "$content" > "$target"
echo "$content" > "$target"