diff --git a/.envrc b/.envrc index 648fc02..fb376db 100644 --- a/.envrc +++ b/.envrc @@ -1,3 +1,4 @@ + _gpgconv="gpg2 -d --quiet --yes --compress-algo=none --no-encrypt-to" if [ "$(git config diff.gpg.textconv)" != "$_gpgconv" ]; then git config diff.gpg.binary true @@ -5,3 +6,5 @@ if [ "$(git config diff.gpg.textconv)" != "$_gpgconv" ]; then fi export PASSWORD_STORE_DIR=$PWD/secrets +export REAL_PASS=$(which pass) +PATH_add tools diff --git a/secrets/sendgrid.gpg b/secrets/sendgrid.gpg index f3df778..6c45657 100644 Binary files a/secrets/sendgrid.gpg and b/secrets/sendgrid.gpg differ diff --git a/tools/pass b/tools/pass new file mode 100755 index 0000000..d67b535 --- /dev/null +++ b/tools/pass @@ -0,0 +1,9 @@ +#!/bin/sh + +# This hack allows passwords to be in a sub-directory "secrets", and +# still visible for git. +# +# This is not a good setup, because `pass git status` will show +# relative paths to `secrets/`. We need a better solution, but I +# don't know a good one yet. +grep -v "export GIT_CEILING_DIRECTORIES=" "$REAL_PASS" | bash -s -- "$@"