mirror of https://github.com/RGBCube/agenix synced 2025-07-30 02:07:44 +00:00

use unstable verison of rage in place of age

* age limits the number of recipients to 20
* the latest release of rage (0.4.0) doesn't work with ssh-rsa keys
Ryan Mulligan 2020-09-18 11:59:01 -07:00
parent d2dc883f3a
commit 07ce686870
5 changed files with 74 additions and 19 deletions


@ -1,4 +1,8 @@
{writeShellScriptBin, runtimeShell, age} :
{writeShellScriptBin, runtimeShell, pkgs} :
let
rage = pkgs.callPackage ./rage.nix {};
ageBin = "${rage}/bin/rage";
in
writeShellScriptBin "agenix" ''
set -Eeuo pipefail
@ -103,7 +107,7 @@ function edit {
DECRYPT+=(--identity "$key")
done <<<"$((find ~/.ssh -maxdepth 1 -type f -not -name "*pub" -not -name "config" -not -name "authorized_keys" -not -name "known_hosts") || exit 1)"
DECRYPT+=(-o "$CLEARTEXT_FILE" "$FILE")
${age}/bin/age "''${DECRYPT[@]}" || exit 1
${ageBin} "''${DECRYPT[@]}" || exit 1
cp "$CLEARTEXT_FILE" "$CLEARTEXT_FILE.before"
fi
@ -127,7 +131,7 @@ function edit {
ENCRYPT+=(-o "$REENCRYPTED_FILE")
${age}/bin/age "''${ENCRYPT[@]}" <"$CLEARTEXT_FILE" || exit 1
${ageBin} "''${ENCRYPT[@]}" <"$CLEARTEXT_FILE" || exit 1
mv -f "$REENCRYPTED_FILE" "$1"
}
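Review bot: The new header `{writeShellScriptBin, runtimeShell, pkgs} :` takes the whole package set and hard-wires `rage = pkgs.callPackage ./rage.nix {};`, so a caller can no longer substitute the encryption binary the way the old `age` argument allowed. This binary decrypts and re-encrypts every secret in `edit`, so I would keep it overridable. Assuming the file is itself loaded with callPackage, that could be `{writeShellScriptBin, runtimeShell, callPackage, rage ? callPackage ./rage.nix {}} :`, with `ageBin = "${rage}/bin/rage";` left as is. A comment above the binding would keep the reason for the unreleased pin next to the code: `# rage snapshot: age caps recipients at 20, rage 0.4.0 fails on ssh-rsa keys; return to a tagged release once it has the fix`. The `edit` function starts outside the hunks shown.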

37
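--- a/pkgs/rage.nix
+++ b/pkgs/rage.nix
@@ -0,0 +1,37 @@
+{stdenv, rustPlatform, fetchFromGitHub, installShellFiles, darwin }:
+rustPlatform.buildRustPackage rec {
+pname = "rage";
+version = "unstable-2020-09-05";
+src = fetchFromGitHub {
+owner = "str4d";
+repo = pname;
+rev = "8368992e60cbedb2d6b725c3e25440e65d8544d1";
+sha256 = "sha256-ICcApZQrR4hGxo/RcFMktenE4dswAXA2/nJ5D++O2ig=";
+};
+cargoSha256 = "sha256-QwNtp7Hxsiads3bh8NRra25RdPbIdjp+pSWTllAvdmQ=";
+nativeBuildInputs = [ installShellFiles ];
+buildInputs = stdenv.lib.optionals stdenv.isDarwin [ darwin.Security ];
+postBuild = ''
+cargo run --example generate-docs
+cargo run --example generate-completions
+'';
+postInstall = ''
+installManPage target/manpages/*
+installShellCompletion target/completions/*.{bash,fish,zsh}
+'';
+meta = with stdenv.lib; {
+description = "A simple, secure and modern encryption tool with small explicit keys, no config options, and UNIX-style composability";
+homepage = "https://github.com/str4d/rage";
+changelog = "https://github.com/str4d/rage/releases/tag/v${version}";
+license = licenses.asl20;
+maintainers = [ maintainers.marsam ];
+};
+}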
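Review bot: `changelog = "https://github.com/str4d/rage/releases/tag/v${version}";` interpolates `version = "unstable-2020-09-05"`, so it expands to a `.../releases/tag/vunstable-2020-09-05` URL. That does not look like a real upstream tag, and the line appears to be carried over from a release-based package. Since the source is pinned by `rev` rather than a tag, I would drop the `changelog` attribute until the package tracks a tagged release again. The `maintainers = [ maintainers.marsam ];` entry also looks inherited rather than chosen for this local snapshot, so it is worth confirming who is expected to bump the `rev`, `sha256` and `cargoSha256` pins.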