Just clone
- git clone git://git.sarava.org/keyringer.git
+ git clone git://git.sarava.org/keyringer.git
And then leave it somewhere, optionally adding it to your $PATH environment variable.
You can also package it to your preferred distro.
management of multiple isolated keyrings. To start a new keyring (or register
an existing one at your config file), type
- keyringer <keyring> init <path> [remote]
+
keyringer <keyring> init <path> [remote]
This will
For example,
- keyringer friends init $HOME/keyrings/friends
+ keyringer friends init $HOME/keyrings/friends
will create an alias "friends" pointing to $HOME/keyrings/friends. Call all
other keyring actions using this alias.
If there is an existing remote keyring repository and you just want to checkout
it, use
- keyringer friends init $HOME/keyrings/friends <repository-url>
+ keyringer friends init $HOME/keyrings/friends <repository-url>
Managing recipients
-------------------
Your next step is tell keyringer the GPG key ids to encrypt files to:
- keyringer <keyring> recipients edit
- keyringer <keyring> recipients ls
+ keyringer <keyring> recipients edit
+ keyringer <keyring> recipients ls
Encrypting a key
----------------
- keyringer <keyring> encrypt <file>
+ keyringer <keyring> encrypt <file>
Decrypting a key (only to stdout)
---------------------------------
- keyringer <keyring> decrypt <file>
+ keyringer <keyring> decrypt <file>
Re-encrypting a key
-------------------
- keyringer <keyring> recrypt <file>
+ keyringer <keyring> recrypt <file>
Listing keys
------------
- keyringer <keyring> ls [arguments]
+ keyringer <keyring> ls [arguments]
Git wrapper
-----------
Keyringer comes with a simple git wrapper to ease common management tasks:
- keyringer <keyring> git remote add keyringer <url>
- keyringer <keyring> git push keyringer master
- keyringer <keyring> git pull
+ keyringer <keyring> git remote add keyringer <url>
+ keyringer <keyring> git push keyringer master
+ keyringer <keyring> git pull
Managing puppet node keys
-------------------------
Keyringer is able to manage node keys for puppet nodes. First add the puppet
main and key folders into your keyring configuration:
- keyringer <keyring> options add PUPPET=/path/to/puppet/config
- keyringer <keyring> options add PUPPET_KEYS=/path/to/puppet/keys
+ keyringer <keyring> preferences add PUPPET=/path/to/puppet/config
+ keyringer <keyring> preferences add PUPPET_KEYS=/path/to/puppet/keys
Then you just need to issue the following command every time you have to create
keys for new nodes:
- keyringer <keyring> newkeys puppet
+ keyringer <keyring> newkeys puppet
+
+Configuration files, preferences and options
+--------------------------------------------
+
+ 1. Main config file: $HOME/.keyringer/config: store the location of
+ each keyring.
+
+ 2. User preferences per keyring: $HOME/.keyringer/<keyring>: managed by
+ "keyringer <keyring> preferences".
+
+ 3. Custom keyring options: $KEYRING_FOLDER/config/options: managed by
+ "keyringer <keyring> options".
Notes
-----
Exporting public keys:
- gpg --armor --export <keyid>
+ gpg --armor --export <keyid>
Exporting private keys (take care):
- gpg --armor --export-secret-keys
+ gpg --armor --export-secret-keys
TODO
----
fi
}
+function keyringer_preferences {
+ COMMAND="$3"
+
+ if [ -z "$COMMAND" ]; then
+ echo "Usage: keyringer <keyring> `basename $0` <command> [arguments]"
+ exit 1
+ fi
+
+ # Create options file if old repository
+ if [ ! -e "$PREFERENCES" ]; then
+ echo "Creating preferences file..."
+ touch $PREFERENCES
+ fi
+
+ if [ "$COMMAND" == "ls" ]; then
+ cat $PREFERENCES
+ elif [ "$COMMAND" == "edit" ]; then
+ $EDITOR $PREFERENCES
+ elif [ "$COMMAND" == "add" ]; then
+ shift 3
+ echo $* >> $PREFERENCES
+ else
+ echo "$BASENAME: No such command $COMMAND"
+ exit 1
+ fi
+}
+
# Config
NAME="keyringer"
-CONFIG="$HOME/.$NAME"
+CONFIG="$HOME/.$NAME/config"
BASENAME="`basename $0`"
KEYRING="$1"
ACTION="$2"
ACTIONS="`dirname $0`/share/$NAME"
+# Export preferences for other scripts
+export PREFERENCES="`dirname $CONFIG`/$KEYRING"
+
# Load functions
LIB="`dirname $0`/lib/$NAME/functions"
source $LIB
-if [ ! -e "$CONFIG" ]; then
- echo "Creating $CONFIG..."
- touch $CONFIG
- chmod 600 $CONFIG
- echo "# Keyringer config file." > $CONFIG
- echo "" >> $CONFIG
-fi
+# Setup main configuration and load preferences
+keyringer_config_load
if [ -z "$ACTION" ]; then
echo "Usage: $BASENAME <keyring> <action> [arguments]"
if [ "$ACTION" == "init" ]; then
keyringer_init $*
+elif [ "$ACTION" == "preferences" ]; then
+ keyringer_preferences $*
elif keyringer_has_action $ACTION; then
keyringer_dispatch $*
else
# Common functions.
#
+# Setup main configuration and load preferences
+function keyringer_config_load {
+ if [ -f "$HOME/.$NAME" ]; then
+ echo "Converting legacy configuration scheme..."
+ mv $HOME/.$NAME $HOME/.$NAME.tmp
+ mkdir $HOME/.$NAME
+ mv $HOME/.$NAME.tmp $CONFIG
+ fi
+
+ if [ ! -e "$CONFIG" ]; then
+ echo "Creating $CONFIG..."
+ mkdir `dirname $CONFIG`
+ touch $CONFIG
+ chmod 600 $CONFIG
+ echo "# Keyringer config file." > $CONFIG
+ echo "" >> $CONFIG
+ fi
+
+ keyringer_config_load_preferences
+}
+
+function keyringer_config_load_preferences {
+ # Load custom keyring preferences
+ if [ ! -z "$PREFERENCES" ] && [ -e "$PREFERENCES" ]; then
+ source $PREFERENCES
+ fi
+}
+
# Load a parameter from config
function keyringer_config {
if [ -z "$CONFIG" ]; then
projects / keyringer.git / commitdiff