mynix/agenix
1
0
Fork 0
mirror of https://github.com/ryantm/agenix.git synced 2024-11-22 17:50:48 +03:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #7 from ryantm/issue5

Browse source 
use only ~/.ssh/id_rsa and ~/.ssh/id_ed25519 for decryption; friendlier error message when no identity
This commit is contained in:
Ryan Mulligan 2020-12-18 20:07:22 -08:00 committed by GitHub
commit 092ba8b166
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
pkgs/agenix.nix
View file

@ -105,10 +105,16 @@ function edit {
if [ -f "$FILE" ] if [ -f "$FILE" ]
then then
DECRYPT=("''${DEFAULT_DECRYPT[@]}") DECRYPT=("''${DEFAULT_DECRYPT[@]}")
while IFS= read -r key if [ -f "$HOME/.ssh/id_rsa" ]; then
do DECRYPT+=(--identity "$HOME/.ssh/id_rsa")
DECRYPT+=(--identity "$key") fi
done <<<"$((find ~/.ssh -maxdepth 1 -type f -not -name "*pub" -not -name "config" -not -name "authorized_keys" -not -name "known_hosts") || exit 1)" if [ -f "$HOME/.ssh/id_ed25519" ]; then
DECRYPT+=(--identity "$HOME/.ssh/id_ed25519")
fi
if [[ "''${DECRYPT[*]}" != *"--identity"* ]]; then
echo "No identity found to decrypt $FILE. Try adding an SSH key at $HOME/.ssh/id_rsa or $HOME/.ssh/id_ed25519 or using the --identity flag to specify a file."
exit 1
fi
DECRYPT+=(-o "$CLEARTEXT_FILE" "$FILE") DECRYPT+=(-o "$CLEARTEXT_FILE" "$FILE")
${ageBin} "''${DECRYPT[@]}" || exit 1 ${ageBin} "''${DECRYPT[@]}" || exit 1
cp "$CLEARTEXT_FILE" "$CLEARTEXT_FILE.before" cp "$CLEARTEXT_FILE" "$CLEARTEXT_FILE.before"