Script to store secrets to keyring (#63)
This commit is contained in:
parent
5659eae991
commit
c6110fbfca
2 changed files with 31 additions and 4 deletions
|
@ -0,0 +1,27 @@
|
||||||
|
{{- if and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) -}}
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# @file Store Secrets in Keyring
|
||||||
|
# @brief Stores secret environment variables into the System keyring
|
||||||
|
# @description
|
||||||
|
# This script imports secret environment variables into the System keyring if `envchain` is installed.
|
||||||
|
# Secrets stored in the folder 'home/.chezmoitemplates/secrets' following the Install Doctor method are
|
||||||
|
# imported into the System keyring by this script. There is only one namespace called `default` where the
|
||||||
|
# secrets are stored. Executing `envchain default env` displays all the environment variables and their values.
|
||||||
|
#
|
||||||
|
# ## Secrets
|
||||||
|
#
|
||||||
|
# For more information about storing secrets like SSH keys and API keys, refer to our [Secrets documentation](https://install.doctor/docs/customization/secrets).
|
||||||
|
|
||||||
|
{{ includeTemplate "universal/profile" }}
|
||||||
|
{{ includeTemplate "universal/logg" }}
|
||||||
|
|
||||||
|
### Import environment variables into `envchain`
|
||||||
|
if command -v envchain > /dev/null; then
|
||||||
|
logg info 'Importing environment variables into the System keyring'
|
||||||
|
for file in {{ joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "*" }}; do
|
||||||
|
cat "$file" | chezmoi decrypt | envchain -s default "$(basename $file)" > /dev/null || logg info 'Importing "$(basename $file)" failed'
|
||||||
|
done
|
||||||
|
else
|
||||||
|
logg info '`envchain` is not installed or it is not available in the PATH'
|
||||||
|
fi
|
||||||
|
{{ end -}}
|
|
@ -2569,7 +2569,7 @@ softwarePackages:
|
||||||
cask: prezi-video
|
cask: prezi-video
|
||||||
orbstack:
|
orbstack:
|
||||||
_bin: orb
|
_bin: orb
|
||||||
_github:
|
_github:
|
||||||
_name: OrbStack
|
_name: OrbStack
|
||||||
_when:cask: '! test -d /Applications/OrbStack.app && ! test -d $HOME/Applications/OrbStack.app'
|
_when:cask: '! test -d /Applications/OrbStack.app && ! test -d $HOME/Applications/OrbStack.app'
|
||||||
cask: orbstack
|
cask: orbstack
|
||||||
|
@ -2647,7 +2647,7 @@ softwarePackages:
|
||||||
_docs: https://github.com/sorah/envchain#usage
|
_docs: https://github.com/sorah/envchain#usage
|
||||||
_github: https://github.com/sorah/envchain
|
_github: https://github.com/sorah/envchain
|
||||||
_home: https://github.com/sorah/envchain
|
_home: https://github.com/sorah/envchain
|
||||||
_name: envconsul
|
_name: envchain
|
||||||
brew: envchain
|
brew: envchain
|
||||||
github: github.com/sorah/envchain
|
github: github.com/sorah/envchain
|
||||||
_envchain:deps:
|
_envchain:deps:
|
||||||
|
@ -6088,7 +6088,7 @@ softwarePackages:
|
||||||
generator-ngx-rocket:
|
generator-ngx-rocket:
|
||||||
_bin: ngx
|
_bin: ngx
|
||||||
_github: https://github.com/ngx-rocket/generator-ngx-rocket
|
_github: https://github.com/ngx-rocket/generator-ngx-rocket
|
||||||
_name: Angular
|
_name: Angular
|
||||||
npm: generator-ngx-rocket
|
npm: generator-ngx-rocket
|
||||||
ngxtop:
|
ngxtop:
|
||||||
_bin: ngxtop
|
_bin: ngxtop
|
||||||
|
@ -7531,7 +7531,7 @@ softwarePackages:
|
||||||
zypper: xrdp
|
zypper: xrdp
|
||||||
yay: xrdp
|
yay: xrdp
|
||||||
kasmvnc:
|
kasmvnc:
|
||||||
_bin:
|
_bin:
|
||||||
dnf: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
|
dnf: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
|
||||||
responsively:
|
responsively:
|
||||||
_bin: null
|
_bin: null
|
||||||
|
|
Loading…
Reference in a new issue