# GnuPG-encrypted account key (WARN: this test is not interactive)

PASSPHRASE="test"

DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends gpg gpg-agent

gpg --batch --passphrase "$PASSPHRASE" --quick-generate-key "nobody <noreply@example.net>"
keyid="$(gpg --list-secret-key --with-colons | grep -m1 ^fpr: | cut -sd: -f10)"
gpg --encrypt -r "$keyid" /etc/lacme/account.key
sed -ri '0,\|^#?privkey\s*=.*| {s||privkey = gpg:/etc/lacme/account.key.gpg|}' /etc/lacme/lacme-accountd.conf

export GPG_TTY="$(tty)"
lacme account

# vim: set filetype=sh :