jolheiser
72352f984f
Signed-off-by: jolheiser <john.olheiser@gmail.com> |
||
|---|---|---|
| .woodpecker | ||
| cmd | ||
| secrets | ||
| .git-age.yaml | ||
| .gitattributes | ||
| .gitignore | ||
| .goreleaser.yaml | ||
| LICENSE | ||
| README.md | ||
| flake.lock | ||
| flake.nix | ||
| go.mod | ||
| go.sum | ||
| key.txt | ||
| main.go | ||
| man.go | ||
| ssh | ||
| ssh.pub | ||
README.md
git-age
This is a Go port of git-agecrypt with some slight modifications.
Echoed from the original project:
Why should I use this?
Short answer: you probably shouldn't. Before considering this approach, take a look at SOPS and Hashicorp Vault if they are better suited for the problem at hand. They have a clear security advantage over
git-age.The one use-case where it makes sense to use
git-ageinstead is when you want to keep some files secret on a (potentially public) git remote, but you need to have the plaintext in the local working tree because you cannot hook into the above tools for your workflow. Being lazy is not an excuse to use this software.
Adding git-age to a new repository
- Install
git-agein yourPATH git age init- Add some identities
git age ident key.txtgit age ident ssh
- Set up your config (example)
- Add your secrets to
.gitattributessecret.txt diff=git-age filter=git-age - Use git like normal.
Decrypting an existing repository
Similar to initial install, adding identities prior to init so that any encrypted files are decrypted during initialization.
- Install
git-agein yourPATH - Clone the repository
- Add some identities
git age ident key.txtgit age ident ssh
git age init- Use git like normal
License
This software was written based off of git-agecrypt.