Better support GPG migrations

After yet another unpleasant experience starting up GPG on a new system, I
decided to encode my learnings and mistakes as aliases, functions, scripts,
hoping to protect my future me from myself. Fingers crossed!

README.md

@@ -58,15 +58,12 @@ $ DOTFILES="$(pwd)" make install
 
 # SSHFS
 
+TODO: add explanation about `unison`, `rsync`, etc.
+
 SSHFS enables seamless file transfers from your local machine to a remote
 machine.
 
-To install, run:
-
-```bash
-$ brew cask install osxfuse
-$ brew install sshfs
-```
+## Usage
 
 Assuming your remote machine is configured in your `~/.ssh/config` (see above),
 you can mount your remote machine's home directory on your local machine like
@@ -78,34 +75,39 @@ $ sshfs ec2:/home/ubuntu ~/ec2 -o reconnect,follow_symlinks
 ```
 
 Now your remote machine's home directory can be accessed using the `~/ec2`
-directory. This directory can be transparently treated as if it were an ordinary
-local directory. To illustrate how easy it is to use, let's install `Vundle`, a
-Vim package manager, on our remote machine.
+directory. This directory can be treated as if it were an ordinary local
+directory. To illustrate how easy it is to use, let's install `Vundle` onto our
+remote machine.
 
 ```bash
 $ git clone https://github.com/VundleVim/Vundle.vim.git ~/ec2/.vim/bundle/Vundle.vim
 ```
 
-Voila! We now have `Vundle` installed on our ec2 instance without needing to SSH
-into that machine ourselves. That's all there is to it.
+Voila! We now have `Vundle` installed on our ec2 instance without needing to
+manually SSH into that machine.
 
 
 # GnuPG
 
-  1. Download public key from keyserver. `gpg --receive-keys [KEY_ID]`
-  2. Transfer backed-up private key information from secure disk
-  3. Create `[E]` encrypting and `[S]` signing subkeys for personal computer
-
-## Commentary
-
-By default `gpg2` interfaces with `gpg-agent`. `gpg` does not unless
-`--use-agent` is specified.  I suggest using `gpg2`, but if you must use `gpg`,
-add the following entry to `~/.gnupg/gpg.conf`:
+Entering a new system?
 
+```bash
+$ ./configs/shared/gpg/.gnupg/import.sh path/to/directory
 ```
-use-agent
+
+Leaving an old system? TODO: create a job that runs this periodically.
+
+```bash
+$ ./configs/shared/gpg/.gnupg/export.sh [directory]
 ```
 
+## Reference
+
+    - sec: secret key
+    - pub: public key
+    - ssb: secret sub-key
+    - sub: public sub-key
+
 ## GnuPG + Git
 
   1. Register newly created `[S]` signing subkey as `signingkey`

configs/shared/gpg/.gnupg/export.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Run this script to export all the information required to transport your GPG
+# information.
+# Usage: ./export.sh [directory]
+# TODO: run this periodically as a job.
+
+destination="${1:-$(mktemp -d)}"
+
+if [ ! -d "$destination" ]; then
+  echo "$destination does not exist. Creating it..."
+  mkdir -p "$destination"
+fi
+
+gpg --armor --export >"$destination/public.asc"
+gpg --armor --export-secret-keys >"$destination/secret.asc"
+gpg --armor --export-ownertrust >"$destination/ownertrust.txt"
+
+echo $(realpath "$destination")

configs/shared/gpg/.gnupg/import.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Run this script to import all of the information exported by `export.sh`.
+# Usage: ./export.sh path/to/directory
+
+gpg --import "$1/public.asc"
+gpg --import "$1/secret.asc"
+gpg --import-ownertrust "$1/ownertrust.txt"
+
+# Run this at the end to output some verification
+gpg --list-keys

configs/shared/zsh/aliases.zsh

@@ -49,6 +49,12 @@ alias mdg="mix deps.get"
 alias mdu="mix deps.update"
 alias mdup="mix docker.up"
 
+# GPG
+alias gpged='gpg --edit-key wpcarro@gmail.com'
+alias gpge='gpg --encrypt'
+alias gpgd='gpg --decrypt'
+alias gpgls='gpg --list-keys'
+
 # Git
 alias g="git"
 alias glp='git log --graph --pretty=format:"%Cred%h%Creset -%Cblue %an %Creset - %C(yellow)%d%Creset %s %Cgreen(%cr)%Creset" --abbrev-commit --date=relative'

configs/shared/zsh/variables.zsh

@@ -1,6 +1,7 @@
 export TERMINAL=urxvtc
 export EDITOR=emacsclient
 export ALTERNATE_EDITOR=nvim
+export GPG_TTY=$(tty) # "It is important that this environment variable always reflects the output of the tty command". Source: https://gnupg.org/documentation/manuals/gnupg-devel/Invoking-GPG_002dAGENT.html
 
 BROWSER=google-chrome
 NIXIFY="$HOME/programming/nixify"