Update dotfiles/.config/age/run_once_before_decrypt-private-key.sh.tmpl, dotfiles/.config/age/expect, dotfiles/.local/share/chezmoi/home/.chezmoiignore, dotfiles/.local/share/chezmoi/.chezmoiignore
This commit is contained in:
parent
110f0bb9a6
commit
ed0f23a8df
4 changed files with 24 additions and 0 deletions
11
dotfiles/.config/age/expect
Normal file
11
dotfiles/.config/age/expect
Normal file
|
@ -0,0 +1,11 @@
|
|||
#!/usr/bin/expect
|
||||
# TODO: https://github.com/hyperupcall/dots/tree/8e62ad19f4fa870bd70b1816d383bc32e9b6d149/dotmgr
|
||||
# https://www.chezmoi.io/user-guide/frequently-asked-questions/encryption/#how-do-i-configure-chezmoi-to-encrypt-files-but-only-request-a-passphrase-the-first-time-chezmoi-init-is-run
|
||||
# Figure out way of not writing AGE_PASSPHRASE to disk - keep in mem
|
||||
|
||||
spawn ./test.bash
|
||||
expect "Enter passphrase*"
|
||||
send -- "{{ .Env.AGE_PASSPHRASE }}\r"
|
||||
expect "Confirm passphrase*"
|
||||
send -- "{{ .Env.AGE_PASSPHRASE }}\r"
|
||||
expect eof
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
|
||||
if [ ! -f "$HOME/.config/age/headless.txt" ]; then
|
||||
logg 'Generating age public key under `~/.config/age/key.txt`'
|
||||
age-keygen > "$HOME/.config/age/headless.txt"
|
||||
fi
|
||||
|
||||
if [ ! -f "$HOME/.config/age/key.txt" ]; then
|
||||
age --decrypt --output "$HOME/.config/age/key.txt" "{{ .chezmoi.sourceDir }}/key.txt.age"
|
||||
chmod 600 "${HOME}/key.txt"
|
||||
fi
|
1
dotfiles/.local/share/chezmoi/.chezmoiignore
Normal file
1
dotfiles/.local/share/chezmoi/.chezmoiignore
Normal file
|
@ -0,0 +1 @@
|
|||
key.txt.age
|
|
@ -1,3 +1,4 @@
|
|||
key.txt.age
|
||||
.chezmoiscripts/**/*
|
||||
!.chezmoiscripts/{{ .host.distro.id }}/**/*
|
||||
|
||||
|
|
Loading…
Reference in a new issue