d_weechat:
cmpignore:
- '*/weechat_fifo'
- '*/script/plugins.xml.gz'
- '*/logs'
dst: ~/.config/weechat
src: .config/weechat
trans: gpg-single "sec.conf"
trans_write: gpg-single "sec.conf"
# trans: gpg-weechat
# trans_write: gpg-weechat
upignore:
- '*/weechat_fifo'
- '*/script/plugins.xml.gz'
- '*/logs'
d_ssh:
cmpignore:
- '*/id_*'
- '*_rsa'
- '*_rsa.pub'
- '*/known_hosts*'
- '*/conn-github.com'
dst: ~/.ssh
src: .ssh
trans: gpg-single "config"
trans_write: gpg-single "config"
# trans: gpg-ssh
# trans_write: gpg-ssh
upignore:
- '*/id_*'
- '*_rsa'
- '*_rsa.pub'
- '*/known_hosts*'
- '*/conn-github.com'
trans_read:
gpg: '"$HOME/.dotfiles/bin/gpg-decrypt" "{0}" "{1}"'
gpg-single: '"{{@@ _dotrepo @@}}/bin/gpg-decrypt" "{0}" "{1}" "{2}"'
# gpg-ssh: '"$HOME/.dotfiles/bin/gpg-decrypt" "{0}" "{1}" config'
# gpg-weechat: '"$HOME/.dotfiles/bin/gpg-decrypt" "{0}" "{1}" sec.conf'
trans_write:
gpg: '"$HOME/.dotfiles/bin/gpg-encrypt" "{0}" "{1}"'
gpg-single: '"{{@@ _dotrepo @@}}/bin/gpg-encrypt" "{0}" "{1}" "{2}"'
# gpg-ssh: '"$HOME/.dotfiles/bin/gpg-encrypt" "{0}" "{1}" config'
# gpg-weechat: '"$HOME/.dotfiles/bin/gpg-encrypt" "{0}" "{1}" sec.conf'
# bin/gpg-encrypt
#!/usr/bin/env bash
# vim:fdm=marker:foldlevel=0:sw=2:ts=2:sts=2
set -euo pipefail
IFS=$'\n\t'
declare -a gpg_cmd
if command -v gpg2 &>/dev/null; then
gpg_cmd=( gpg2 )
else
gpg_cmd=( gpg )
fi
gpg_cmd=(
${gpg_cmd[@]}
--no-armor
-q
--for-your-eyes-only
--no-tty
--batch
--yes
)
set +u
if [[ -n $GPGKEY ]]; then
gpg_cmd=(
${gpg_cmd[@]}
--recipient
"$GPGKEY"
)
elif ! grep '^default-recipient' "${GNUPGHOME:-$HOME/.gnupg}/gpg.conf" &>/dev/null; then
echo 'Export $GPGKEY firstly!'
exit 1
fi
if [[ -n "$SSH_TTY" ]]; then
if [[ -S "$(gpgconf --list-dir agent-socket)" ]]; then
gpg_cmd=(
${gpg_cmd[@]}
--use-agent
)
fi
fi
set -u
if [[ $# -lt 2 ]]; then
echo "Not enough arguments"
exit 1
elif [[ $# -eq 2 ]]; then
shopt -s nullglob
if [[ -d "$1" ]]; then
mkdir -p "$2" 2>/dev/null
for i in "$1"/*; do
${gpg_cmd[@]} -r $GPGKEY -o "$2/${i##*/}" -e "$i"
done
elif [[ -f "$1" ]]; then
${gpg_cmd[@]} -r $GPGKEY -o "$2" -e "$1"
fi
else
command rm -rf "$2" 2>/dev/null
command cp -Rf -- "$1" "$2"
for i in "${@:3}"; do
${gpg_cmd[@]} -r $GPGKEY -o "$2/$i" -e "$1/$i"
done
fi
# bin/gpg-decrypt
#!/usr/bin/env bash
# vim:fdm=marker:foldlevel=0:sw=2:ts=2:sts=2
set -euo pipefail
IFS=$'\n\t'
declare -a gpg_cmd
if command -v gpg2 &>/dev/null; then
gpg_cmd=( gpg2 )
else
gpg_cmd=( gpg )
fi
gpg_cmd=(
${gpg_cmd[@]}
-q
--for-your-eyes-only
--no-tty
--batch
--yes
)
set +u
# recipient is added into the encryption already
if [[ -n "$SSH_TTY" ]]; then
if [[ -S "$(gpgconf --list-dir agent-socket)" ]]; then
gpg_cmd=(
${gpg_cmd[@]}
--use-agent
)
fi
fi
set -u
if [[ $# -lt 2 ]]; then
echo "Not enough arguments"
exit 1
elif [[ $# -eq 2 ]]; then
shopt -s nullglob
if [[ -d "$1" ]]; then
mkdir -p "$2" 2>/dev/null
for i in "$1"/*; do
${gpg_cmd[@]} -o "${2}/${i##*/}" -d "$i"
done
elif [[ -f "$1" ]]; then
${gpg_cmd[@]} -o "$2" -d "$1"
fi
else
command rm -rf "$2" 2>/dev/null
command cp -Rf -- "$1" "$2"
for i in "${@:3}"; do
${gpg_cmd[@]} -o "$2/$i" -d "$1/$i"
done
fi