From 5eaefbe2527f8c8ce8fe06ffeef45009d99a50c2 Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Tue, 19 Apr 2022 08:49:26 +0000
Subject: [PATCH] Update access

---
 Makefile                            |   9 +++++----
 overlay/zdt/configs/access.conf.age | Bin 235 -> 630 bytes
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index 23dcb9e..8276239 100644
--- a/Makefile
+++ b/Makefile
@@ -15,18 +15,19 @@ clean:
 age-add-gitignore:
 	@touch .gitignore; for f in $$(yq eval .paths[] .age.yml); do grep -qxF $$f .gitignore || echo $$f >> .gitignore; done
 
-# Decrypts all secrets and removes the .age file
+# Decrypts all secrets and deletes encrypted .age
 age-unseal:
 	@for f in $$(yq eval .paths[] .age.yml); do \
 		age --decrypt -i ~/.ssh/git.age -o $$f $$f.age && rm $$f.age; \
 	done
 
-# Encrypts all secrets, but compares the local unencrypted files with the decrypted content from the index first
+# Compares all unencrypted files against last encrypted versions
 # If there are no diffs, just restore the .age file from the index and delete the unaltered local unencrypted file
-# If there are changes re-encrypt
+# otherwise re-encrypt and remove clear text
 age-seal:
 	@keys=$$(yq eval .keys[] .age.yml | sed -e 's/^/-r /' ); \
 	for f in $$(yq eval .paths[] .age.yml); do \
 		[ -f $$f ] || continue; \
-		git restore $${f}.age 2>/dev/null && age --decrypt -i ~/.ssh/git.age $$f.age | diff -q - $$f 2>/dev/null 1>&2 && \
+		git restore $${f}.age 2>/dev/null && \
+		age --decrypt -i ~/.ssh/git.age $$f.age | diff -q - $$f 2>/dev/null 1>&2 && \
 		rm -f $$f || ( rm -f $$f.age; age --encrypt $$keys -o $$f.age $$f && rm -f $$f; ); done
diff --git a/overlay/zdt/configs/access.conf.age b/overlay/zdt/configs/access.conf.age
index 0f64c3ba17fd177757b3189fb9a472227ebab753..63556ad7842c4cbef3a783d86fc5ad02ba9e7e54 100644
GIT binary patch
delta 609
zcmV-n0-pWr0rmutAb(+4XgO44S4nX=PHRp=PFFKod2co|F=<RpMPy22R8d1gGkRBa
zV{2?uV+v+gNo#sILPm0QN<&LVHgHf_OnPTEOfhtAbVxK%GI>l%Q*AX!Q*JbOYYHtb
zEg)7-OIj~zLpU@=ZdYkIW<^m~LuGV9IX7A>G;M5iZBa-oR(~&8XG=jeb2JKzgt*bY
z6WXR&Pg|WE;>~8KAU}f0y$1e$i)^8Yj~DHTH8syIQ4N6VV6?@U_}*Ef)a*<uGdqep
zhp)T^I3_{GS!|1-ibvzr78Th<b<{-`oUJwG%xUU%E=_6E|E$t}7=xC7A!Z7Ld>ER}
zQEG)5(O#>Mrhj{j^~`oN^@Yi%;N_h;q4e^Z@EY(Nt=(!t2>|m``FF<^oJ*<W_I(Mu
ziS$`#`&G<9l;1?ZOr-L->isCHcGc6Nxy$kR%PktRDP6yibyuOEx$13r=nX-0&VH$+
zn+Px%A>sFgquMSAv-Q1sY!>sYCSL?ut}l47>1}9x^M4>N_pdnNxXdFi*4$?k-$DyL
zWwiS@bj92T-I*s%V-*N_dH3#;&UOX!x;d-*G1m0e{cnC=8Yt2Hv?a>BBqH10sx(P|
z_E60j{fq7t*qw_eqhQP23W(i}d)9=?ppnChUme~F!@xGGX^Y;+%o<T*_9zB&rp`1A
z`FR!%aatsqDH|LG#>%_qNf*oS-SUHSw&Gc72k$~*2*BbAD71UN6txY^oU1s`PbAYz
vpp;k0FAlcYwWx+Lge3``EZp<{)9bLC<=a{T*gG0d@yqT23Du<qmXHTM=-VOh

delta 211
zcmV;^04)FZ1nU8iAb)R7FlkG2Hb`tRIYM$cH)TXoIB|DMOHph?XLm0+IXOu|bZ#_P
zP&P49RSHBaWLRfpN<>a=R7){8P**v3RZ>}KN^o#tNi#@yM>#ZZLvK}hQdDm>a|$gj
zEg&&TR7XxvH+VrxHc>e+a%L-ZH%($}MMXA7Hd%O6Z%#Etc}z-eX-R5SRyYdF!gvPR
z83H%7;E*%D5c`bM)ktFXOG7qVrmmk$bxy4oV{WG3I;Ywx<<6X!=>c)fpl$nm)tO+?
NrQ;Td(OnSww2En9Q3wD4