logo

secret

Replacement to pass(1) based on reop(1)git clone https://hacktivis.me/git/secret.git

pass2secret (942B)


  1. #!/bin/sh
  2. # pass2secret: Converts pass(1) storage to secret(1) storage
  3. # Copyright 2020 Haelwenn (lanodan) Monnier <contact+secret@hacktivis.me>
  4. # SPDX-License-Identifier: ISC
  5. OLDPWD="$PWD"
  6. workdir="$HOME/.secret-storage/"
  7. PASSWORD_STORE_DIR="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
  8. export SECRET_FILE="/dev/shm/pass2secret"
  9. set -e
  10. touch "$SECRET_FILE"
  11. chmod 700 "$SECRET_FILE"
  12. printf "secret(1) passphrase: "
  13. read -r passphrase
  14. echo
  15. # Create needed directories
  16. cd "$workdir"
  17. (cd "$PASSWORD_STORE_DIR" && find . -type d | grep -v ./.git) | xargs mkdir -p
  18. # Convert each entry
  19. (
  20. cd "$PASSWORD_STORE_DIR"
  21. find . -type f -name '*.gpg' | sed -e 's;\.gpg$;;' -e 's;^./;;'
  22. ) | while read -r entry
  23. do
  24. ( pass show "$entry" && echo ) > "$SECRET_FILE"
  25. if [ ! -f "$workdir/$entry.reop" ]
  26. then echo "$passphrase" | secret write "$entry"
  27. else echo "following entry exists, ignoring: $entry"
  28. fi
  29. done
  30. shred -u "$SECRET_FILE"
  31. cd "$OLDPWD"