git-crypt
git-crypt copied to clipboard
AGWA
init with a pre-existing key file
Great tool!
I wanted to recreate my git repo - and so, I would like to initialize the git-crypt with the previously generated key file. Is this possible?
You need to export the key file from the original encrypted repo:
git-crypt export ~/crypt.key (email this to yourself as an attachment so you always have it)
Now for every new clone your encrypted remote just do the following:
git-crypt unlock ~/crypt.key
Note that you only have to git-crypt init once to get a key you can use for all repos.
Just add your .gitattributes to an unencrypted repo and run:
git-crypt unlock ~/crypt.key (this encrypts and unlocks your files)
git-crypt status -f (this stages your encrypted files)
Commit&Push (done!)
Tnx @dcerisano, I was able to make nix derivation that decrypts repo that was downloaded without .git dir
git-crypt-unlock-src = key: src: stdenv.mkDerivation {
name = "decrypted-source";
inherit src;
buildInputs = [ git-crypt git ];
phases = [ "installPhase" ];
installPhase = ''
set -e
mkdir -p $out
# copy content of folder to $out
cp -r $src/. $out
cd $out
# git crypt requires git
git init
# set only for this repo
git config user.email "[email protected]"
git config user.name "Your Name"
git add --all
git commit --quiet -m "foo"
# prevent "error: unable to unlink old... permission denied"
# see https://stackoverflow.com/questions/11774397/git-push-error-unable-to-unlink-old-permission-denied/11774432
chmod -R +w $out
git-crypt unlock ${key}
rm -rfd .git
'';
};
decrypted_my_src = git-crypt-unlock-src ./secrets/my.key my_src;
