
secret

Replacement for pass(1), based on reop(1)

pass2secret (942B)


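#!/bin/sh
# pass2secret: Converts pass(1) storage to secret(1) storage
# Copyright 2020 Haelwenn (lanodan) Monnier <contact+secret@hacktivis.me>
# SPDX-License-Identifier: ISC
#
# Walks every *.gpg entry of the pass(1) store, decrypts it with
# `pass show` into a scratch file on /dev/shm, and hands it to
# `secret write` together with the secret(1) passphrase read from stdin.
# Entries that already have a matching .reop file in the secret(1)
# storage are left untouched.
#
# Security notes:
#  - The scratch file briefly holds every password in plaintext. It is
#    created with mktemp (unpredictable name, owner-only mode from the
#    start) rather than a fixed path in the world-writable /dev/shm, and
#    it is shredded on every exit path, including failures and signals.
#  - NOTE(review): this assumes secret(1) picks the plaintext up from the
#    path in $SECRET_FILE, which is why the variable is exported; confirm
#    against secret(1) before relying on it.

set -e

start_dir="$PWD"
workdir="$HOME/.secret-storage/"
PASSWORD_STORE_DIR="${PASSWORD_STORE_DIR:-$HOME/.password-store}"

saved_tty=""
SECRET_FILE=""

# Restore terminal echo and destroy the plaintext scratch file.
# Runs from the EXIT trap, so it must never fail itself.
cleanup() {
	if [ -n "$saved_tty" ]
	then stty "$saved_tty" || :
	fi
	if [ -n "$SECRET_FILE" ] && [ -f "$SECRET_FILE" ]
	then shred -u "$SECRET_FILE" || rm -f "$SECRET_FILE"
	fi
}
trap cleanup EXIT
# Some sh implementations skip the EXIT trap when killed by a signal;
# turn the common ones into a regular exit so cleanup always runs.
trap 'exit 129' HUP
trap 'exit 130' INT
trap 'exit 143' TERM

# Assign first, export second: `export VAR=$(cmd)` would hide a mktemp
# failure from `set -e`.
SECRET_FILE="$(mktemp /dev/shm/pass2secret.XXXXXX)"
export SECRET_FILE
chmod 600 "$SECRET_FILE"

printf "secret(1) passphrase: "
# Do not echo the passphrase to the terminal (or its scrollback).
if [ -t 0 ]
then
	saved_tty="$(stty -g)"
	stty -echo
fi
# IFS= keeps leading/trailing blanks that are part of the passphrase.
IFS= read -r passphrase
if [ -n "$saved_tty" ]
then
	stty "$saved_tty"
	saved_tty=""
fi
echo

# Create needed directories
cd "$workdir"
(
	cd "$PASSWORD_STORE_DIR"
	# Prune .git instead of filtering with a regex, and read names line by
	# line so directories containing spaces are recreated correctly.
	find . -name .git -prune -o -type d -print
) | while IFS= read -r dir
do
	mkdir -p "$dir"
done

# Convert each entry
(
	cd "$PASSWORD_STORE_DIR"
	find . -type f -name '*.gpg' | sed -e 's;\.gpg$;;' -e 's;^./;;'
) | while IFS= read -r entry
do
	# Check first: an entry that is going to be skipped is never decrypted,
	# so its plaintext never reaches the scratch file.
	if [ -f "$workdir/$entry.reop" ]
	then
		printf '%s\n' "following entry exists, ignoring: $entry"
		continue
	fi

	# A failing `pass show` aborts the whole run (set -e); the EXIT trap
	# then shreds whatever was written so far.
	pass show "$entry" > "$SECRET_FILE"
	echo >> "$SECRET_FILE"

	# printf, not echo: some sh builtins expand backslash escapes in echo
	# arguments, which would silently alter the passphrase.
	printf '%s\n' "$passphrase" | secret write "$entry"
done

cd "$start_dir"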