1inguini/pijul-encrypt - Change 73XTAX7A6FELJNJMKBXJQKZTJYASRGNS56KW2GUNIQH3MYBSIGPQC

肝心の.pijul/hook-encrypted.shがrecordされてなかった...

Created by 1inguini on March 12, 2025

73XTAX7A6FELJNJMKBXJQKZTJYASRGNS56KW2GUNIQH3MYBSIGPQC

Dependencies

In channels

main

Change contents

File deletion: hello
BF:BFD[3.1] → [2.0:16]
BF:BFD[2.16] → [2.17:17]
File deletion: secret
BF:BFD[2.17] → [2.19:36]
BF:BFD[2.36] → [2.37:37]
File deletion: hello.gpg
BF:BFD[2.37] → [2.313:353]
BF:BFD[2.353] → [2.354:354]
B:BD[2.354] → [2.355:567]
File deletion: world
BF:BFD[2.37] → [2.39:55]
BF:BFD[2.55] → [2.56:56]
File deletion: hello.gpg
BF:BFD[2.56] → [2.58:98]
BF:BFD[2.98] → [2.99:99]
B:BD[2.99] → [2.100:312]
File deletion: Hello World.gpg
BF:BFD[3.1] → [2.568:614]
BF:BFD[2.614] → [2.615:615]
B:BD[2.615] → [2.616:827]
File deletion: .ignore
BF:BFD[3.1] → [2.828:859]
BF:BFD[2.859] → [2.860:860]
B:BD[2.860] → [2.861:875]
```
.git
.DS_Store
```
File deletion: .encrypt.d
BF:BFD[3.1] → [2.876:897]
BF:BFD[2.897] → [2.898:898]
File deletion: master_key.gpg
BF:BFD[2.898] → [2.900:945]
BF:BFD[2.945] → [2.946:946]
B:BD[2.946] → [2.947:1048]
File deletion: .encrypt
BF:BFD[3.1] → [2.1049:1081]
BF:BFD[2.1081] → [2.1082:1082]
B:BD[2.1082] → [2.1083:1106]
```
**/secret/*
Hello World
```
File addition: .pijul (d--x------)
[3.1]

File addition: hook-encrypt.sh (----------)

[0.18]

#!/bin/sh
set -ex
# 改行以外の空白で文字列を分割しない
IFS='
'
if ! gpg=$(command -v gpg2) >/dev/null; then
  echo "$0 requires gpg2" >&2
  false
fi
# if ! sha256sum=$(command -v sha256sum) >/dev/null; then
#   echo "$0 requires sha256sum" >&2
#   false
# fi
if [ -f .encrypt/master_key.gpg ]; then
  echo "No master key in repositry. Repositry not initialized for pijul-encrypt" >&2
  false
fi
encrypt() {
  path=$1
  $gpg --decrypt .encrypt.d/master_key.gpg |
    $gpg --batch --passphrase-fd 0 \
      --sign --encrypt-to-default-key --symmetric "$path"
}
# decrypt() {
#   path=$1
#   $gpg --decrypt .encrypt.d/master_key.gpg |
#     $gpg --batch --output - --pinentry-mode loopback --passphrase-fd 0 \
#       --decrypt "$path"
# }
rules=$(cat .encrypt)
# globを展開、マッチするディレクトリの中身も全部マッチしたいのでfindを噛ませる
# shellcheck disable=SC2086
secrets_in_worktree=$(find $(cat .encrypt) -type f)
: "↓debug secrets_in_worktree↓
$secrets_in_worktree"
# pijulが記録しているパスのうち`.encrypt`にマッチするもの
secrets_in_tracked=$(printf '%s\n' $secrets_in_worktree $(pijul list) | sort | uniq -d)
: "↓debug secrets_in_tracked↓
$secrets_in_tracked"
# .encryptにマッチするパスをremoveして`.gpg`をつけてaddし直す
for path in $secrets_in_tracked; do
  case $path in
  *.gpg)
    break
    ;;
  *)
    pijul remove "$path" # 秘密のファイルはrecordしてはいけない
    touch "$path.gpg"
    pijul add "$path.gpg"
    ;;
  esac
done
# # `.gpg`で終わるファイルを更新
# for path in $(pijul list); do
#   case $path in
#   .encrypt.d/master_key.gpg) ;;
#   *.gpg)
#     if [ -f "$path" ]; then
#       rm "$path"
#     fi
#     encrypt "${path%%.gpg}"
#     ;;
#   esac
# done

File addition: config (----------)

[0.18]

[hooks]
record = ['sh ./.pijul/hook-encrypt.sh']

File addition: .ignore (----------)
[3.1]
```
.git
.DS_Store
```
File addition: .encrypt.d (d--x------)
[3.1]
File addition: master_key.gpg (----------)
[0.2035]
File addition: .encrypt (----------)
[3.1]
```
**/secret/*
Hello World
```

肝心の.pijul/hook-encrypted.shがrecordされてなかった...

Dependencies

In channels

Change contents

File deletion: hello

File deletion: secret

File deletion: hello.gpg

File deletion: world

File deletion: hello.gpg

File deletion: Hello World.gpg

File deletion: .ignore

File deletion: .encrypt.d

File deletion: master_key.gpg

File deletion: .encrypt

File addition: .pijul (d--x------)

File addition: hook-encrypt.sh (----------)

File addition: config (----------)

File addition: .ignore (----------)

File addition: .encrypt.d (d--x------)

File addition: master_key.gpg (----------)

File addition: .encrypt (----------)