p1nox/git-secret.sh

## git-secret.sh
# https://confluence.atlassian.com/bitbucketserver/using-gpg-keys-913477014.html
# generate your gpg keys
gpg --gen-key
# fill prompt questions
gpg --list-keys
gpg --list-secret-keys --keyid-format LONG


# import/export keys: https://www.debuntu.org/how-to-importexport-gpg-key-pair/
# show hash id of your keys
gpg --list-keys
# copy your hash id "ABCDFE01", and export your keys files
gpg --output mygpgkey_pub.gpg --armor --export ABCDFE01
gpg --output mygpgkey_sec.gpg --armor --export-secret-key ABCDFE01
# import keys
gpg --import ~/mygpgkey_pub.gpg
gpg --allow-secret-key-import --import ~/mygpgkey_sec.gpg


# docs: http://git-secret.io/
# tutorial: https://asciinema.org/a/41811
# in case no git-secret setup
git secret init
# add user
git secret tell raul@elementus.io
# remove target file from git
git rm --cached config/default.json
# add target file to be handled by git-secret
git secret add config/default.json
# generate encrypted files
git secret hide
# remove non-encrypted files
rm -f config/default.json
# re-generate unencrypted files
git secret reveal


# deployments
# create gpg user
gpg --gen-key
# export user priv key
gpg --export-secret-key deployer@deployments.com --armor  > private_key.gpg
# upload priv key to server
scp private_key.gpg ubuntu@1.1.1.1:/home/ubuntu/private_key.gpg
# import priv key in server
gpg --import private_key.gpg
# install git secret
echo "deb https://dl.bintray.com/sobolevn/deb git-secret main" | sudo tee -a /etc/apt/sources.list
wget -qO - https://api.bintray.com/users/sobolevn/keys/gpg/public.key | sudo apt-key add -
sudo apt-get update && sudo apt-get install git-secret
	# https://confluence.atlassian.com/bitbucketserver/using-gpg-keys-913477014.html
	# generate your gpg keys
	gpg --gen-key
	# fill prompt questions
	gpg --list-keys
	gpg --list-secret-keys --keyid-format LONG


	# import/export keys: https://www.debuntu.org/how-to-importexport-gpg-key-pair/
	# show hash id of your keys
	gpg --list-keys
	# copy your hash id "ABCDFE01", and export your keys files
	gpg --output mygpgkey_pub.gpg --armor --export ABCDFE01
	gpg --output mygpgkey_sec.gpg --armor --export-secret-key ABCDFE01
	# import keys
	gpg --import ~/mygpgkey_pub.gpg
	gpg --allow-secret-key-import --import ~/mygpgkey_sec.gpg


	# docs: http://git-secret.io/
	# tutorial: https://asciinema.org/a/41811
	# in case no git-secret setup
	git secret init
	# add user
	git secret tell raul@elementus.io
	# remove target file from git
	git rm --cached config/default.json
	# add target file to be handled by git-secret
	git secret add config/default.json
	# generate encrypted files
	git secret hide
	# remove non-encrypted files
	rm -f config/default.json
	# re-generate unencrypted files
	git secret reveal



	# deployments
	# create gpg user
	gpg --gen-key
	# export user priv key
	gpg --export-secret-key deployer@deployments.com --armor > private_key.gpg
	# upload priv key to server
	scp private_key.gpg ubuntu@1.1.1.1:/home/ubuntu/private_key.gpg
	# import priv key in server
	gpg --import private_key.gpg
	# install git secret
	echo "deb https://dl.bintray.com/sobolevn/deb git-secret main" \| sudo tee -a /etc/apt/sources.list
	wget -qO - https://api.bintray.com/users/sobolevn/keys/gpg/public.key \| sudo apt-key add -
	sudo apt-get update && sudo apt-get install git-secret