Jafner/Jafner.net
1
0
Fork 0
Code Issues 16 Pull Requests Actions Packages Projects Releases Wiki Activity

#3 Set up scripts to encrypt/decrypt in place

Browse Source
This commit is contained in:
Joey Hafner 2024-08-15 15:13:41 -07:00
parent c5231f1311
commit 205ab38149
No known key found for this signature in database
3 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
homelab/.gitattributes vendored Normal file
View File

@ -0,0 +1 @@
testsecret.env filter=sops

32
homelab/.sops/decrypt-in-place.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# Takes one file path as input
# Outputs to a new file with `.enc` stripped from the end
if [ "$#" -ne 1 ]; then
echo "Usage: $0 <file_path>"
exit 1
fi
SOPS_AGE_KEY_FILE=$HOME/.age/key
if [[ -f $SOPS_AGE_KEY_FILE ]]; then
export SOPS_AGE_KEY_FILE=$HOME/.age/key
fi
# Set age directory and default recipients
AGE_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
SOPS_AGE_RECIPIENTS="$(<$AGE_DIR/.age-author-pubkeys)"
# Get host to which input file belongs
FILE_PATH=$1
HOST_AGE_PUBKEY="$AGE_DIR/../$(realpath -m --relative-to=$AGE_DIR $FILE_PATH | cut -d'/' -f2)/.age-pubkey"
if [[ -f $HOST_AGE_PUBKEY ]]; then
SOPS_AGE_RECIPIENTS="$SOPS_AGE_RECIPIENTS,$(<$HOST_AGE_PUBKEY)"
fi
input_file=$1
file_extension=${input_file##*.}
file_name=${input_file%%.*}
output_file="$file_name.enc.$file_extension"
sops --decrypt --age ${SOPS_AGE_RECIPIENTS} -i $input_file

26
homelab/.sops/encrypt-in-place.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/bash
# Takes one file path as input
# Outputs to a new file named `$1.enc`
if [ "$#" -ne 1 ]; then
echo "Usage: $0 <file_path>"
exit 1
fi
# Set age directory and default recipients
AGE_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
SOPS_AGE_RECIPIENTS="$(<$AGE_DIR/.age-author-pubkeys)"
# Get host to which input file belongs
FILE_PATH=$1
HOST_AGE_PUBKEY="$AGE_DIR/../$(realpath -m --relative-to=$AGE_DIR $FILE_PATH | cut -d'/' -f2)/.age-pubkey"
if [[ -f $HOST_AGE_PUBKEY ]]; then
SOPS_AGE_RECIPIENTS="$SOPS_AGE_RECIPIENTS,$(<$HOST_AGE_PUBKEY)"
fi
FILE_EXT=${FILE_PATH##*.}
FILE_NAME=${FILE_PATH%%.*}
OUTPUT_FILE="$FILE_NAME.enc.$FILE_EXT"
sops --encrypt --age ${SOPS_AGE_RECIPIENTS} -i $FILE_PATH