passwords.rake

########################################################################
### Rakefile for encrypted passwords
########################################################################
#
# Here's a little Rakefile to manage your encrypted password file! It's
# really easy to use:
#
# 1) put the email addresses of the keys you want in AUTHORIZED_USERS
# 2) create a passwords.txt (and ignore it in your SCM)
# 3) run `rake passwords:encrypt`
# 4) check in passwords.pgp
#
# To decrypt, just run `rake passwords:decrypt`
#
########################################################################
#
# Ben Bleything wrote this, and would love it if you gave him lots of
# money. You can email him at ben@bleything.net for wire transfer info.
#
# That said, there's nothing special in here, so I'm placing it in the
# public domain.
#

AUTHORIZED_USERS = %w[
  ben@bleything.net
]

namespace :passwords do

  desc "Encrypts the current passwords.txt file"
  task :encrypt do
    # ascii armor, encrypt, sign, overwrite passwords.pgp
    cmd = %w[
      gpg --armor --encrypt --sign --output passwords.pgp --yes
    ]

    # add -r <email> for each user
    AUTHORIZED_USERS.each do |user|
      cmd << "-r #{user}"
    end

    # and encrypt the passwords.txt
    cmd << "passwords.txt"

    exec *cmd
  end

  desc "Decrypts passwords.gpg and writes it to passwords.txt"
  task :decrypt do
    exec %w[gpg --armor --decrypt --output passwords.txt passwords.pgp]
  end

end