#!/bin/bash
+#
# to be run on www.planet-lab.eu where the CERTH key was imported
+# triggered by /etc/cron.d/export-nitos.cron
+#
+# (*) initialized gpg with the gpg rings found in /etc/planetlab
+# ple-www.pl.sophia.inria.fr ~ # ls -ld .gnupg .gnupg/*ring.gpg
+# drwx------ 2 root root 4096 Jun 17 16:11 .gnupg
+# -rw------- 1 root root 28357 Jun 17 16:11 .gnupg/pubring.gpg
+# -rw------- 1 root root 47028 Jun 16 16:43 .gnupg/secring.gpg#
+#
+# (*) used NITOS indications to locate armored key
+# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4646985724FAFE07
+#
+# (*) stored that in /etc/planetlab/Nitlab.key
+#
+# (*) gpg --import /etc/planetlab/Nitlab.key
+#
+# (*) signed the snipped version and published it to NITOS
+#
+####################
+# (*) upon reception of their acknowledgement, which establishes trust
+# sign and trust the key:
+# [boot-planet-lab-eu] ~/.gnupg # gpg --edit-key CERTH
+# gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
+#
+# <snip>
+#
+# Command> sign
+#
+# <snip>
+#
+# Really sign? (y/N) y
+#
+# Command> trust
+#
+# <snip>
+#
+# 1 = I don't know or won't say
+# 2 = I do NOT trust
+# 3 = I trust marginally
+# 4 = I trust fully
+# 5 = I trust ultimately
+# m = back to the main menu
+#
+# Your decision? 5
+# Do you really want to set this key to ultimate trust? (y/N) y
+#
+# <snip>
+#
+# Command> q
+# Save changes? (y/N) y
+# [boot-planet-lab-eu] ~/.gnupg #
+
DIRNAME=$(dirname $0)
cd $DIRNAME
-# refresh EXPORT and EXPORT.snip with the python script
-
-plcsh ./export-omf.py -- -n EXPORT.snip
-plcsh ./export-omf.py -- EXPORT
+# refresh the gpg encrypted version of the export file
+mv -f EXPORT.nitlab.gpg EXPORT.nitlab.gpg.bak
+plcsh ./export-omf.py | gpg -r CERTH -e --output EXPORT.nitlab.gpg
-yes | gpg -r CERTH -e < EXPORT.snip > EXPORT.snip.nitlab
-yes | gpg -r CERTH -e < EXPORT > EXPORT.nitlab
+# publish under /var/www/html/download/EXPORT.nitlab
+cp EXPORT.nitlab.gpg /var/www/html/download/EXPORT.nitlab.gpg