toml-bombadil
toml-bombadil copied to clipboard
[FEATURE] allow encrypting whole file
Is your feature request related to a problem? Please describe.
I'd like to manage my .ssh
with bombadil. It would be great to just add the files to the bombadil directly without needing to template the file. This would also help for confidential binary files.
Describe the solution you'd like
I'd like to have e.g. bombadil add-secret --whole-file /path/to/unencrypted/file --file path/to/config
encrypt the file and store in the given path with .gpg
appended.
On linking bombadil would decrypt each *.gpg
file (or only recorded ones, if we want to support unencrypted files named *.gpg
) into the .dots
dir.
Describe alternatives you've considered Use, e.g., git-secret to store the encrypted file in the repository and decrypt on checkout. This will need users to configure keys in two locations though.