diff --git a/yadm b/yadm index ffcb074..a89bfa4 100755 --- a/yadm +++ b/yadm @@ -226,6 +226,14 @@ function encrypt() { return } + #; Build gpg options for gpg + GPG_KEY="$(config yadm.gpg-recipient)" + if [ "$GPG_KEY" != "" ]; then + GPG_OPTS="-er $GPG_KEY" + else + GPG_OPTS="-c" + fi + #; build a list of globs from YADM_ENCRYPT GLOBS=() while IFS='' read -r glob || [ -n "$glob" ]; do @@ -235,7 +243,7 @@ function encrypt() { done < "$YADM_ENCRYPT" #; encrypt all files which match the globs - tar -cv "${GLOBS[@]}" | gpg --yes -c --output "$YADM_ARCHIVE" + tar -cv ${GLOBS[@]} | gpg --yes "$GPG_OPTS" --output "$YADM_ARCHIVE" if [ $? = 0 ]; then echo "Wrote new file: $YADM_ARCHIVE" else diff --git a/yadm.1 b/yadm.1 index db623fd..c6eb9c7 100644 --- a/yadm.1 +++ b/yadm.1 @@ -292,6 +292,12 @@ This feature is enabled by default. Disable the permission changes to .IR $HOME/.gnupg/* . This feature is enabled by default. +.TP +.B yadm.gpg-recipient +Asymmetrically encrypt files with a gpg public/private key pair. +Provide a key ID to encrypt against that public key. +If left blank or not provided, symmetric encryption is used instead. +This feature is disabled by deafult. .SH ALTERNATES When managing a set of files across different systems, it can be useful to have an automated way of choosing an alternate version of a file for a different diff --git a/yadm.md b/yadm.md index 6dbe4a7..0641592 100644 --- a/yadm.md +++ b/yadm.md @@ -179,6 +179,12 @@ Disable the permission changes to $HOME/.gnupg/*. This feature is enabled by default. + yadm.gpg-recipient + Asymmetrically encrypt files with a gpg public/private key pair. + Provice a key ID to encrypt against that public key. + If left blank or not provided, symmetric encryption is used + instead. This feature is disabled by deafult. + ## ALTERNATES When managing a set of files across different systems, it can be useful to have an automated way of choosing an alternate version of a file for
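Review bot: `GPG_OPTS` is built as one string (`"-er $GPG_KEY"`) and then passed quoted as `"$GPG_OPTS"` in the second yadm hunk, so gpg receives a single argv word containing the flags, a space and the key ID, not separate `-e`, `-r` and recipient arguments. How gpg parses that word is not something the script should depend on, and unquoting it instead would word-split a recipient value that contains spaces. An array keeps the recipient as exactly one argument: `GPG_OPTS=(-e -r "$GPG_KEY")` and `GPG_OPTS=(-c)` here, then `gpg --yes "${GPG_OPTS[@]}" --output "$YADM_ARCHIVE"` at the call site. The body of `encrypt()` starts and ends outside this hunk, so any earlier handling of `GPG_KEY` is not visible.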
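Review bot: The new `tar -cv ${GLOBS[@]}` line drops the quotes the old line had, so every entry in `GLOBS` is word-split and glob-expanded a second time before tar sees it. A path containing whitespace or glob characters then reaches tar as different names, which can leave a file meant for encryption out of the archive or pull in one that was never listed. Keep the original quoting: `tar -cv "${GLOBS[@]}" | gpg --yes ...`. Separately, the `[ $? = 0 ]` check on the next context line reflects only gpg's exit status unless `pipefail` is set somewhere outside this hunk, so a tar failure would still print "Wrote new file".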