This patch implements an OpenSSL cypher (via openssl enc command). It has to be enabled using yadm.cypher configuration key.
Some rough edges:
- archive file refers to GPG (.gpg extension)
- no test cases
Support is inherently provided by `enter`, which supports a command.
I've added a `transcrypt` command, which is really just an alias
under-the-hood for "enter transcrypt".
Update version number and update documentation
* Support multiple keys in `yadm.gpg-recipient` (#139)
* Ensure all templates are written atomically (#142)
* Add encrypt_with_checksums to the hooks collection (#188)
* Escape white space in YADM_HOOK_FULL_COMMAND (#187)
* Improve parsing of os-release (#194)
* Improve identification of WSL (#196)
* Fix troff warnings emitted by man page (#195)
* Write encrypt-based exclusions during decrypt
This takes jonasc's change, and applies it to all template writing. Also
removes the dependency on mktemp, and only moves files if they are
successfully written.
This prevents problems with programs which watch the file for changes and will
first be presented an empty file.
One such example which will show a notification message about an empty config
file is Alacritty.
By writing to a tempory file and then moving it (atomically?) to the real
location this problem is mitigated.
Update version number and update documentation
* Support git-crypt (#168)
* Support specifying a command after `yadm enter`
* Expose GIT_WORK_TREE during `yadm enter` (#160)
* Support GNUPGHOME environment variable (#134)
* Assert private dirs, only when worktree = $HOME (#171)
Support is inherently provided by `enter`, which now supports a command.
I've added a `git-crypt` command, which is really just an alias
under-the-hood for "enter git-crypt".
Update version number and update documentation
* Resolve hostname using `uname -n` (#182)
* Use /etc/os-release if lsb_release is missing (#175)
* Issue warning for any invalid alternates found (#183)
* Add support for gawk (#180)
Update version number and update documentation
* Use relative symlinks for alternates (#100, #177)
* Support double-star globs in .config/yadm/encrypt (#109)
* Improve bash completion (#136)
* Update docs about using magit (#123)
* Note exception for WSL (#113)
Update version number and update documentation
* Support XDG base directory specification
* Redesign alternate processing
* Add built-in default template processor
* Allow storing alternates in yadm dir (#90)
* Add support for j2cli template processor
* Ignore encrypted files (#69)
* Support DISTRO in alternates (#72)
* Support `source` in templates (#163)
* Change yadm.cygwin-copy to yadm.alt-copy
* Support `-b <branch>` when cloning (#133)
* Support includes for j2-based templates (#114)
* Remove stale/invalid linked alternates (#65)
* Add support for Mingw/Msys (#102)
* Allow `-l` to pass thru to the `yadm config` command
* Improve processing of `yadm/encrypt`
* Fix bugs in legacy alternate processing
* Fix bug with hidden private files
* Improve support for older versions of Git
* Add upgrade command
This change allows alternates to be stored in "$YADM_DIR/alt". The
correct path within the work tree will be symlinked.
Storing alternates within the work tree is still allowed. Both locations
will be considered when choosing an appropriate alternate file.
A new variable is exposed to templates, which holds the filename of the
template source. The primary use case is to be able to include a warning
message within the template. For example:
# Do not edit. This file auto-generated from {{ yadm.source }}.
Some calls to git ignored the yadm.gpg-program configuration option
and called the first git found in $PATH instead. Make them adhere to
the configured git program by replacing the call with $GIT_PROGRAM.
Previously the tracked files were sorted, and then the files and their
parent directories were considered for possible alternates. Depending on
the length of directories and names of files, inconsistencies would
occur because the directory separator (/) would be part of the sorting.
To fix this, a unique list of tracked files and their parent directories
are sorted into a single list which is processed.
MINGW* systems don't have a +x flag.
Everything is executable if it exists (as far as I know).
This, while trying to run hooks on MINGW* systems just check
for the existence of the file instead of -x
Update version number and update documentation
* Add basic Zsh completion (#71, #79)
* Support directories in `.yadm/encrypt` (#81, #82)
* Support exclusions in `.yadm/encrypt` (#86)
* Improve portability with printf (#87)
* Eliminate usage of `eval` and `ls`
`eval` has always been used to process the globs in `.yadm/encrypt`.
This is being removed, as there is a risk of executing "dirty" data
found in `.yadm/encrypt`.
Caveats of this change:
* Brace and tilde expansion will no longer work in `.yadm/encrypt`
* Paths with spaces must not be quoted anymore
Directories are created prior to merge during clone, and prior to any
Git command run.
This directly addresses CVE-2017-11353.
When cloning a repo which includes data in a .ssh or .gnupg directory,
if those directories do not exist at the time of cloning, yadm will
create the directories with mask 0700 prior to merging the fetched data
into the work-tree.
When running a Git command and .ssh or .gnupg directories do not exist,
create those directories with mask 0700 prior to running the Git
command. However, do not create those directories if
yadm.auto-private-dirs is false.
Update version number and update documentation
* Option for Cygwin to copy files instead of symlink (#62)
* Support `YADM_DISTRO` in Jinja templates (#68)
* Support pre/post hooks for every command (#70)
Update version number and update documentation
* Add Bash completion script (#60)
* Support WSL detection (#61)
* Add introspect command (used by completion)
`uname -s` was already being executed every run for *cygwin* detection.
I've consolidated all of the OS detection into a single function. This
also fixed the problem of running `uname -s` twice for the `alt`
command.
Update version number and update documentation
* Fix bug alternates based on `CLASS` (#51)
* Support globs and paths with space in .yadm/encrypt (#53, #54)
* Add support for alternate files using Jinja templates (#56, #58)
* Add `enter` command, for creating a sub-shell (#57)
* Support local.hostname properly (#59)
* Determine envtpl using `command -v` instead of `which` (more portable)
* Anchor the end of template file names in regex
* Quote variables to allow for whitespace in file names
With the new functionality, when the 'alt' command is called (or automatically
triggered), any file with a name ending in '##yadm_tmpl' is treated as a jinja
template. The template is processed by envtpl and the result is written to a
file without the '##yadm_tmpl' name. The variables passed into the template
processing are
YADM_CLASS
YADM_OS
YADM_HOSTNAME
YADM_USER
These variables are set according to the normal rules for
CLASS, OS, HOSTNAME, and USER during the alt processing.
Run a subshell with all git variables set. This can be used to easily
interact with your git repository. This is also useful if you are using
Emacs Tramp and magit to manage your directory.
Signed-off-by: Sébastien Gross <seb•ɑƬ•chezwam•ɖɵʈ•org>
Update version number and update documentation
* Add `CLASS` to supported alt-link patterns (#21)
* Add bootstrap command (#42)
* Support wildcards for alt-links (#43)
* Stash conflicting data during clone (#44)
* Offer bootstrap after successful clone (#45)
* Display supported configs for `yadm config` (#46)
* Add "curl-pipe" program to clone without installation (#48)
* Fix bug in alt-link regular expressions (#49)
Overrides are meant to be local to each system, unlike other
configurations which are often added to a user's dotfiles repository.
With this change, the configurations change names:
alt.class => local.class
alt.os => local.os
alt.host => local.host
alt.user => local.user