logo

secret

Replacement to pass(1) based on reop(1)git clone https://hacktivis.me/git/secret.git

pass2secret (942B)

    

  1. #!/bin/sh
  2. # pass2secret: Converts pass(1) storage to secret(1) storage
  3. # Copyright 2020 Haelwenn (lanodan) Monnier <contact+secret@hacktivis.me>
  4. # SPDX-License-Identifier: ISC
  5. OLDPWD="$PWD"
  6. workdir="$HOME/.secret-storage/"
  7. PASSWORD_STORE_DIR="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
  8. export SECRET_FILE="/dev/shm/pass2secret"
  10. set -e
  12. touch "$SECRET_FILE"
  13. chmod 700 "$SECRET_FILE"
  15. printf "secret(1) passphrase: "
  16. read -r passphrase
  17. echo
  19. # Create needed directories
  20. cd "$workdir"
  21. (cd "$PASSWORD_STORE_DIR" && find . -type d | grep -v ./.git) | xargs mkdir -p
  23. # Convert each entry
  24. (
  25. 	cd "$PASSWORD_STORE_DIR"
  26. 	find . -type f -name '*.gpg' | sed -e 's;\.gpg$;;' -e 's;^./;;'
  27. ) | while read -r entry
  28. do
  29. 	( pass show "$entry" && echo ) > "$SECRET_FILE"
  30. 	if [ ! -f "$workdir/$entry.reop" ]
  31. 	then echo "$passphrase" | secret write "$entry"
  32. 	else echo "following entry exists, ignoring: $entry"
  33. 	fi
  34. done
  36. shred -u "$SECRET_FILE"
  37. cd "$OLDPWD"