#!/bin/sh

# get the hostname
hostname=$(uname -n)

# Create a temporary directory
temp_dir=$(mktemp -d)

# Export GPG secret keys and revocation certificates
mkdir -p "$temp_dir/${hostname}-auth-bak/gpg"
gpg --list-secret-keys --keyid-format LONG | grep sec | awk '{print $2}' | cut -d'/' -f2 | while read -r keyid; do
    gpg --export-secret-keys --armor "$keyid" > "$temp_dir/${hostname}-auth-bak/gpg/secret-$keyid.asc"
    gpg --gen-revoke --output "$temp_dir/${hostname}-auth-bak/gpg/revoke-$keyid.asc" "$keyid"
done

# Backup SSH keys
mkdir -p "$temp_dir/${hostname}-auth-bak/ssh"
for key_type in rsa dsa ecdsa ed25519; do
    if [ -f "$HOME/.ssh/id_$key_type" ]; then
        cp "$HOME/.ssh/id_$key_type" "$HOME/.ssh/id_$key_type.pub" "$temp_dir/${hostname}-auth-bak/ssh/"
    fi
done

# Create the archive
tar czf "${hostname}-auth-bak-$(date +%Y-%m-%d).tgz" -C "$temp_dir/${hostname}-auth-bak" .

# Clean up
rm -rf "$temp_dir"

echo "Backup completed: $hostname-auth-bak-$(date +%Y-%m-%d).tgz"