mirror of
https://github.com/StackExchange/blackbox.git
synced 2025-12-15 19:13:01 +02:00
Update comments and add newly added files to packages.
This commit is contained in:
tlimoncelli@stackexchange.com
41
Makefile
41
Makefile
@@ -15,29 +15,13 @@ install:
|
|||||||
# The default package type is RPM.
|
# The default package type is RPM.
|
||||||
packages: packages-rpm
|
packages: packages-rpm
|
||||||
|
|
||||||
#
|
|
||||||
# MacPorts builds
|
|
||||||
#
|
|
||||||
# To test:
|
|
||||||
# rm -rf /tmp/foo ; mkdir -p /tmp/foo;make packages-macports DESTDIR=/tmp/foo;find /tmp/foo -ls
|
|
||||||
|
|
||||||
# Make mk_macports.vcs_blackbox.txt from mk_rpm_fpmdir.stack_blackbox.txt:
|
|
||||||
tools/mk_macports.vcs_blackbox.txt: tools/mk_rpm_fpmdir.stack_blackbox.txt
|
|
||||||
sed -e 's@/usr/blackbox/bin/@bin/@g' -e '/profile.d-usrblackbox.sh/d' <tools/mk_rpm_fpmdir.stack_blackbox.txt >$@
|
|
||||||
|
|
||||||
# Make mk_deb_fpmdir.vcs_blackbox.txt from mk_rpm_fpmdir.stack_blackbox.txt:
|
|
||||||
tools/mk_deb_fpmdir.stack_blackbox.txt: tools/mk_rpm_fpmdir.stack_blackbox.txt
|
|
||||||
sed -e 's@/usr/blackbox/bin/@/usr/bin/@g' -e '/profile.d-usrblackbox.sh/d' <tools/mk_deb_fpmdir.stack_blackbox.txt >$@
|
|
||||||
|
|
||||||
# MacPorts expects to run: make packages-macports DESTDIR=${destroot}
|
|
||||||
packages-macports: tools/mk_macports.vcs_blackbox.txt
|
|
||||||
mkdir -p $(DESTDIR)/bin
|
|
||||||
cd tools && ./mk_macports mk_macports.vcs_blackbox.txt
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# RPM builds
|
# RPM builds
|
||||||
#
|
#
|
||||||
|
|
||||||
|
# NOTE: mk_rpm_fpmdir.stack_blackbox.txt is the master list of files. All
|
||||||
|
# other packages should generate their list from it.
|
||||||
|
|
||||||
packages-rpm:
|
packages-rpm:
|
||||||
cd tools && PKGRELEASE="$${PKGRELEASE}" PKGDESCRIPTION="Safely store secrets in git/hg/svn repos using GPG encryption" ./mk_rpm_fpmdir stack_blackbox mk_rpm_fpmdir.stack_blackbox.txt
|
cd tools && PKGRELEASE="$${PKGRELEASE}" PKGDESCRIPTION="Safely store secrets in git/hg/svn repos using GPG encryption" ./mk_rpm_fpmdir stack_blackbox mk_rpm_fpmdir.stack_blackbox.txt
|
||||||
|
|
||||||
@@ -67,6 +51,10 @@ unlock-rpm:
|
|||||||
packages-deb: tools/mk_deb_fpmdir.stack_blackbox.txt
|
packages-deb: tools/mk_deb_fpmdir.stack_blackbox.txt
|
||||||
cd tools && PKGRELEASE="$${PKGRELEASE}" PKGDESCRIPTION="Safely store secrets in git/hg/svn repos using GPG encryption" ./mk_deb_fpmdir stack_blackbox mk_deb_fpmdir.stack_blackbox.txt
|
cd tools && PKGRELEASE="$${PKGRELEASE}" PKGDESCRIPTION="Safely store secrets in git/hg/svn repos using GPG encryption" ./mk_deb_fpmdir stack_blackbox mk_deb_fpmdir.stack_blackbox.txt
|
||||||
|
|
||||||
|
# Make mk_deb_fpmdir.vcs_blackbox.txt from mk_rpm_fpmdir.stack_blackbox.txt:
|
||||||
|
tools/mk_deb_fpmdir.stack_blackbox.txt: tools/mk_rpm_fpmdir.stack_blackbox.txt
|
||||||
|
sed -e 's@/usr/blackbox/bin/@/usr/bin/@g' -e '/profile.d-usrblackbox.sh/d' <tools/mk_deb_fpmdir.stack_blackbox.txt >$@
|
||||||
|
|
||||||
packages-deb-debug: tools/mk_deb_fpmdir.stack_blackbox.txt
|
packages-deb-debug: tools/mk_deb_fpmdir.stack_blackbox.txt
|
||||||
@echo BUILD:
|
@echo BUILD:
|
||||||
@PKGRELEASE=99 make packages-deb
|
@PKGRELEASE=99 make packages-deb
|
||||||
@@ -80,6 +68,21 @@ local-deb:
|
|||||||
-@sudo dpkg -e $(PKGNAME)
|
-@sudo dpkg -e $(PKGNAME)
|
||||||
sudo dpkg -i $$(cat ~/rpmbuild-$(PKGNAME)/bin-packages.txt)
|
sudo dpkg -i $$(cat ~/rpmbuild-$(PKGNAME)/bin-packages.txt)
|
||||||
|
|
||||||
|
#
|
||||||
|
# MacPorts builds
|
||||||
|
#
|
||||||
|
# To test:
|
||||||
|
# rm -rf /tmp/foo ; mkdir -p /tmp/foo;make packages-macports DESTDIR=/tmp/foo;find /tmp/foo -ls
|
||||||
|
|
||||||
|
# Make mk_macports.vcs_blackbox.txt from mk_rpm_fpmdir.stack_blackbox.txt:
|
||||||
|
tools/mk_macports.vcs_blackbox.txt: tools/mk_rpm_fpmdir.stack_blackbox.txt
|
||||||
|
sed -e 's@/usr/blackbox/bin/@bin/@g' -e '/profile.d-usrblackbox.sh/d' <tools/mk_rpm_fpmdir.stack_blackbox.txt >$@
|
||||||
|
|
||||||
|
# MacPorts expects to run: make packages-macports DESTDIR=${destroot}
|
||||||
|
packages-macports: tools/mk_macports.vcs_blackbox.txt
|
||||||
|
mkdir -p $(DESTDIR)/bin
|
||||||
|
cd tools && ./mk_macports mk_macports.vcs_blackbox.txt
|
||||||
|
|
||||||
# Add other package types here.
|
# Add other package types here.
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|||||||
11
README.md
11
README.md
@@ -91,20 +91,23 @@ Commands:
|
|||||||
|
|
||||||
| Name: | Description: |
|
| Name: | Description: |
|
||||||
| --- | --- |
|
| --- | --- |
|
||||||
| `blackbox_addadmin` | Add someone to the list of people that can encrypt/decrypt secrets |
|
|
||||||
| `blackbox_cat` | Decrypt and view the contents of a file |
|
|
||||||
| `blackbox_diff` | Diff decrypted files against their original crypted version |
|
|
||||||
| `blackbox_edit` | Decrypt, run $EDITOR, re-encrypt a file |
|
| `blackbox_edit` | Decrypt, run $EDITOR, re-encrypt a file |
|
||||||
| `blackbox_edit_start` | Decrypt a file so it can be updated |
|
| `blackbox_edit_start` | Decrypt a file so it can be updated |
|
||||||
| `blackbox_edit_end` | Encrypt a file after blackbox_edit_start was used |
|
| `blackbox_edit_end` | Encrypt a file after blackbox_edit_start was used |
|
||||||
|
| `blackbox_cat` | Decrypt and view the contents of a file |
|
||||||
|
| `blackbox_diff` | Diff decrypted files against their original crypted version |
|
||||||
| `blackbox_initialize` | Enable blackbox for a GIT or HG repo |
|
| `blackbox_initialize` | Enable blackbox for a GIT or HG repo |
|
||||||
| `blackbox_postdeploy` | Decrypt all managed files |
|
|
||||||
| `blackbox_register_new_file` | Encrypt a file for the first time |
|
| `blackbox_register_new_file` | Encrypt a file for the first time |
|
||||||
|
| `blackbox_list_files` | List the files maintained by blackbox |
|
||||||
|
| `blackbox_decrypt_all_files` | Decrypt all managed files (INTERACTIVE) |
|
||||||
|
| `blackbox_postdeploy` | Decrypt all managed files (batch) |
|
||||||
|
| `blackbox_addadmin` | Add someone to the list of people that can encrypt/decrypt secrets |
|
||||||
| `blackbox_removeadmin` | Remove someone from the list of people that can encrypt/decrypt secrets |
|
| `blackbox_removeadmin` | Remove someone from the list of people that can encrypt/decrypt secrets |
|
||||||
| `blackbox_shred_all_files` | Safely delete any decrypted files |
|
| `blackbox_shred_all_files` | Safely delete any decrypted files |
|
||||||
| `blackbox_update_all_files` | Decrypt then re-encrypt all files. Useful after keys are changed |
|
| `blackbox_update_all_files` | Decrypt then re-encrypt all files. Useful after keys are changed |
|
||||||
| `blackbox_whatsnew` | show what has changed in the last commit for a given file |
|
| `blackbox_whatsnew` | show what has changed in the last commit for a given file |
|
||||||
|
|
||||||
|
|
||||||
Compatibility:
|
Compatibility:
|
||||||
============================
|
============================
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,9 @@
|
|||||||
# Library functions for bash scripts at Stack Exchange.
|
# Library functions for bash scripts at Stack Exchange.
|
||||||
|
|
||||||
|
# NOTE: This file is open sourced. Do not put Stack-proprietary code here.
|
||||||
|
|
||||||
# Usage:
|
# Usage:
|
||||||
|
#
|
||||||
# set -e
|
# set -e
|
||||||
# . _stack_lib.sh
|
# . _stack_lib.sh
|
||||||
|
|
||||||
@@ -46,6 +49,48 @@ function add_on_exit()
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function create_self_deleting_tempfile() {
|
||||||
|
local filename
|
||||||
|
|
||||||
|
case $(uname -s) in
|
||||||
|
Darwin )
|
||||||
|
: ${TMPDIR:=/tmp} ;
|
||||||
|
filename=$(mktemp -t _stacklib_ )
|
||||||
|
;;
|
||||||
|
Linux )
|
||||||
|
filename=$(mktemp)
|
||||||
|
;;
|
||||||
|
* )
|
||||||
|
echo 'ERROR: Unknown OS. Exiting.'
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
add_on_exit rm -f "$filename"
|
||||||
|
echo "$filename"
|
||||||
|
}
|
||||||
|
|
||||||
|
function create_self_deleting_tempdir() {
|
||||||
|
local filename
|
||||||
|
|
||||||
|
case $(uname -s) in
|
||||||
|
Darwin )
|
||||||
|
: ${TMPDIR:=/tmp} ;
|
||||||
|
filename=$(mktemp -d -t _stacklib_ )
|
||||||
|
;;
|
||||||
|
Linux )
|
||||||
|
filename=$(mktemp -d)
|
||||||
|
;;
|
||||||
|
* )
|
||||||
|
echo 'ERROR: Unknown OS. Exiting.'
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
add_on_exit rm -rf "$filename"
|
||||||
|
echo "$filename"
|
||||||
|
}
|
||||||
|
|
||||||
# Securely and portably create a temporary file that will be deleted
|
# Securely and portably create a temporary file that will be deleted
|
||||||
# on EXIT. $1 is the variable name to store the result.
|
# on EXIT. $1 is the variable name to store the result.
|
||||||
function make_self_deleting_tempfile() {
|
function make_self_deleting_tempfile() {
|
||||||
@@ -55,14 +100,11 @@ function make_self_deleting_tempfile() {
|
|||||||
case $(uname -s) in
|
case $(uname -s) in
|
||||||
Darwin )
|
Darwin )
|
||||||
: ${TMPDIR:=/tmp} ;
|
: ${TMPDIR:=/tmp} ;
|
||||||
name=$(mktemp -t _stacklib_.XXXXXXX )
|
name=$(mktemp -t _stacklib_ )
|
||||||
;;
|
;;
|
||||||
Linux )
|
Linux )
|
||||||
name=$(mktemp)
|
name=$(mktemp)
|
||||||
;;
|
;;
|
||||||
CYGWIN* )
|
|
||||||
name=$(mktemp)
|
|
||||||
;;
|
|
||||||
* )
|
* )
|
||||||
echo 'ERROR: Unknown OS. Exiting.'
|
echo 'ERROR: Unknown OS. Exiting.'
|
||||||
exit 1
|
exit 1
|
||||||
@@ -79,15 +121,12 @@ function make_tempdir() {
|
|||||||
|
|
||||||
case $(uname -s) in
|
case $(uname -s) in
|
||||||
Darwin )
|
Darwin )
|
||||||
: "${TMPDIR:=/tmp}" ;
|
: ${TMPDIR:=/tmp} ;
|
||||||
name=$(mktemp -d -t _stacklib_ )
|
name=$(mktemp -d -t _stacklib_ )
|
||||||
;;
|
;;
|
||||||
Linux )
|
Linux )
|
||||||
name=$(mktemp -d)
|
name=$(mktemp -d)
|
||||||
;;
|
;;
|
||||||
CYGWIN* )
|
|
||||||
name=$(mktemp -d)
|
|
||||||
;;
|
|
||||||
* )
|
* )
|
||||||
echo 'ERROR: Unknown OS. Exiting.'
|
echo 'ERROR: Unknown OS. Exiting.'
|
||||||
exit 1
|
exit 1
|
||||||
@@ -99,12 +138,12 @@ function make_tempdir() {
|
|||||||
|
|
||||||
function make_self_deleting_tempdir() {
|
function make_self_deleting_tempdir() {
|
||||||
local __resultvar="$1"
|
local __resultvar="$1"
|
||||||
local dirname
|
local dname
|
||||||
|
|
||||||
make_tempdir dirname
|
make_tempdir dname
|
||||||
|
|
||||||
add_on_exit rm -rf "$dirname"
|
add_on_exit rm -rf "$dname"
|
||||||
eval $__resultvar="$dirname"
|
eval $__resultvar="$dname"
|
||||||
}
|
}
|
||||||
|
|
||||||
function fail_if_not_running_as_root() {
|
function fail_if_not_running_as_root() {
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
#
|
#
|
||||||
# blackbox_cat.sh -- Decrypt a file, cat it, shred it
|
# blackbox_cat -- Decrypt a file, cat it, shred it
|
||||||
#
|
#
|
||||||
set -e
|
set -e
|
||||||
blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
#
|
#
|
||||||
# blacbox_decrypt_all_files -- Decrypt all blackbox files.
|
# blacbox_decrypt_all_files -- Decrypt all blackbox files (INTERACTIVE).
|
||||||
#
|
#
|
||||||
|
|
||||||
# Usage:
|
# Usage:
|
||||||
@@ -15,6 +15,8 @@ export PATH=/usr/bin:/bin:"$PATH"
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
eval $(gpg-agent --daemon)
|
if [[ -z $GPG_AGENT_INFO ]]; then
|
||||||
|
eval $(gpg-agent --daemon)
|
||||||
|
fi
|
||||||
|
|
||||||
exec blackbox_postdeploy.sh "$@"
|
exec blackbox_postdeploy.sh "$@"
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
#
|
#
|
||||||
# blackbox_edit.sh -- Decrypt a file temporarily for edition, then re-encrypts it again
|
# blackbox_edit -- Decrypt a file temporarily for edition, then re-encrypts it again
|
||||||
#
|
#
|
||||||
set -e
|
set -e
|
||||||
blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
#
|
#
|
||||||
# blackbox_edit_start.sh -- Decrypt a file for editing.
|
# blackbox_edit_start -- Decrypt a file for editing.
|
||||||
#
|
#
|
||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
#
|
#
|
||||||
# blackbox_list_files.sh -- List files that black box is tracking
|
# blackbox_list_files -- List files that black box is tracking
|
||||||
#
|
#
|
||||||
set -e
|
set -e
|
||||||
blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
#
|
#
|
||||||
# blackbox_register_new_file.sh -- Enroll a new file in the blackbox system.
|
# blackbox_register_new_file -- Enroll a new file in the blackbox system.
|
||||||
#
|
#
|
||||||
# Takes a previously unencrypted file and enrolls it into the blackbox
|
# Takes a previously unencrypted file and enrolls it into the blackbox
|
||||||
# system. It will be kept in the repo as an encrypted file. On deployment
|
# system. It will be kept in the repo as an encrypted file. On deployment
|
||||||
|
|||||||
@@ -2,13 +2,16 @@ exec bin/_blackbox_common.sh ../bin/_blackbox_common.sh
|
|||||||
exec bin/_stack_lib.sh ../bin/_stack_lib.sh
|
exec bin/_stack_lib.sh ../bin/_stack_lib.sh
|
||||||
exec bin/blackbox_addadmin ../bin/blackbox_addadmin
|
exec bin/blackbox_addadmin ../bin/blackbox_addadmin
|
||||||
exec bin/blackbox_cat ../bin/blackbox_cat
|
exec bin/blackbox_cat ../bin/blackbox_cat
|
||||||
|
exec bin/blackbox_decrypt_all_files ../bin/blackbox_decrypt_all_files
|
||||||
|
exec bin/blackbox_diff ../bin/blackbox_diff
|
||||||
exec bin/blackbox_edit ../bin/blackbox_edit
|
exec bin/blackbox_edit ../bin/blackbox_edit
|
||||||
exec bin/blackbox_edit_end ../bin/blackbox_edit_end
|
exec bin/blackbox_edit_end ../bin/blackbox_edit_end
|
||||||
exec bin/blackbox_edit_start ../bin/blackbox_edit_start
|
exec bin/blackbox_edit_start ../bin/blackbox_edit_start
|
||||||
exec bin/blackbox_initialize ../bin/blackbox_initialize
|
exec bin/blackbox_initialize ../bin/blackbox_initialize
|
||||||
|
exec bin/blackbox_list_files ../bin/blackbox_list_files
|
||||||
exec bin/blackbox_postdeploy ../bin/blackbox_postdeploy
|
exec bin/blackbox_postdeploy ../bin/blackbox_postdeploy
|
||||||
exec bin/blackbox_register_new_file ../bin/blackbox_register_new_file
|
exec bin/blackbox_register_new_file ../bin/blackbox_register_new_file
|
||||||
exec bin/blackbox_removeadmin ../bin/blackbox_removeadmin
|
exec bin/blackbox_removeadmin ../bin/blackbox_removeadmin
|
||||||
exec bin/blackbox_shred_all_files ../bin/blackbox_shred_all_files
|
exec bin/blackbox_shred_all_files ../bin/blackbox_shred_all_files
|
||||||
exec bin/blackbox_update_all_files ../bin/blackbox_update_all_files
|
exec bin/blackbox_update_all_files ../bin/blackbox_update_all_files
|
||||||
exec bin/blackbox_list_files ../bin/blackbox_list_files
|
exec bin/blackbox_whatsnew ../bin/blackbox_whatsnew
|
||||||
|
|||||||
@@ -3,13 +3,16 @@ exec /usr/blackbox/bin/_blackbox_common.sh ../bin/_blackbox_common.sh
|
|||||||
exec /usr/blackbox/bin/_stack_lib.sh ../bin/_stack_lib.sh
|
exec /usr/blackbox/bin/_stack_lib.sh ../bin/_stack_lib.sh
|
||||||
exec /usr/blackbox/bin/blackbox_addadmin ../bin/blackbox_addadmin
|
exec /usr/blackbox/bin/blackbox_addadmin ../bin/blackbox_addadmin
|
||||||
exec /usr/blackbox/bin/blackbox_cat ../bin/blackbox_cat
|
exec /usr/blackbox/bin/blackbox_cat ../bin/blackbox_cat
|
||||||
|
exec /usr/blackbox/bin/blackbox_decrypt_all_files ../bin/blackbox_decrypt_all_files
|
||||||
|
exec /usr/blackbox/bin/blackbox_diff ../bin/blackbox_diff
|
||||||
exec /usr/blackbox/bin/blackbox_edit ../bin/blackbox_edit
|
exec /usr/blackbox/bin/blackbox_edit ../bin/blackbox_edit
|
||||||
exec /usr/blackbox/bin/blackbox_edit_end ../bin/blackbox_edit_end
|
exec /usr/blackbox/bin/blackbox_edit_end ../bin/blackbox_edit_end
|
||||||
exec /usr/blackbox/bin/blackbox_edit_start ../bin/blackbox_edit_start
|
exec /usr/blackbox/bin/blackbox_edit_start ../bin/blackbox_edit_start
|
||||||
exec /usr/blackbox/bin/blackbox_initialize ../bin/blackbox_initialize
|
exec /usr/blackbox/bin/blackbox_initialize ../bin/blackbox_initialize
|
||||||
|
exec /usr/blackbox/bin/blackbox_list_files ../bin/blackbox_list_files
|
||||||
exec /usr/blackbox/bin/blackbox_postdeploy ../bin/blackbox_postdeploy
|
exec /usr/blackbox/bin/blackbox_postdeploy ../bin/blackbox_postdeploy
|
||||||
exec /usr/blackbox/bin/blackbox_register_new_file ../bin/blackbox_register_new_file
|
exec /usr/blackbox/bin/blackbox_register_new_file ../bin/blackbox_register_new_file
|
||||||
exec /usr/blackbox/bin/blackbox_removeadmin ../bin/blackbox_removeadmin
|
exec /usr/blackbox/bin/blackbox_removeadmin ../bin/blackbox_removeadmin
|
||||||
exec /usr/blackbox/bin/blackbox_shred_all_files ../bin/blackbox_shred_all_files
|
exec /usr/blackbox/bin/blackbox_shred_all_files ../bin/blackbox_shred_all_files
|
||||||
exec /usr/blackbox/bin/blackbox_update_all_files ../bin/blackbox_update_all_files
|
exec /usr/blackbox/bin/blackbox_update_all_files ../bin/blackbox_update_all_files
|
||||||
exec /usr/blackbox/bin/blackbox_list_files ../bin/blackbox_list_files
|
exec /usr/blackbox/bin/blackbox_whatsnew ../bin/blackbox_whatsnew
|
||||||
|
|||||||
Reference in New Issue
Block a user