Update access
This commit is contained in:
parent
8abcd4acdd
commit
5eaefbe252
9
Makefile
9
Makefile
|
@ -15,18 +15,19 @@ clean:
|
|||
age-add-gitignore:
|
||||
@touch .gitignore; for f in $$(yq eval .paths[] .age.yml); do grep -qxF $$f .gitignore || echo $$f >> .gitignore; done
|
||||
|
||||
# Decrypts all secrets and removes the .age file
|
||||
# Decrypts all secrets and deletes encrypted .age
|
||||
age-unseal:
|
||||
@for f in $$(yq eval .paths[] .age.yml); do \
|
||||
age --decrypt -i ~/.ssh/git.age -o $$f $$f.age && rm $$f.age; \
|
||||
done
|
||||
|
||||
# Encrypts all secrets, but compares the local unencrypted files with the decrypted content from the index first
|
||||
# Compares all unencrypted files against last encrypted versions
|
||||
# If there are no diffs, just restore the .age file from the index and delete the unaltered local unencrypted file
|
||||
# If there are changes re-encrypt
|
||||
# otherwise re-encrypt and remove clear text
|
||||
age-seal:
|
||||
@keys=$$(yq eval .keys[] .age.yml | sed -e 's/^/-r /' ); \
|
||||
for f in $$(yq eval .paths[] .age.yml); do \
|
||||
[ -f $$f ] || continue; \
|
||||
git restore $${f}.age 2>/dev/null && age --decrypt -i ~/.ssh/git.age $$f.age | diff -q - $$f 2>/dev/null 1>&2 && \
|
||||
git restore $${f}.age 2>/dev/null && \
|
||||
age --decrypt -i ~/.ssh/git.age $$f.age | diff -q - $$f 2>/dev/null 1>&2 && \
|
||||
rm -f $$f || ( rm -f $$f.age; age --encrypt $$keys -o $$f.age $$f && rm -f $$f; ); done
|
||||
|
|
Binary file not shown.
Loading…
Reference in New Issue