|
|
|
@ -146,6 +146,10 @@
|
|
|
|
|
Disable the permission changes to $HOME/.ssh/*. This feature is
|
|
|
|
|
enabled by default.
|
|
|
|
|
|
|
|
|
|
yadm.gpg-perms
|
|
|
|
|
Disable the permission changes to $HOME/.gnupg/*. This feature
|
|
|
|
|
is enabled by default.
|
|
|
|
|
|
|
|
|
|
## ALTERNATES
|
|
|
|
|
When managing a set of files across different systems, it can be useful
|
|
|
|
|
to have an automated way of choosing an alternate version of a file for
|
|
|
|
@ -199,18 +203,20 @@
|
|
|
|
|
abled, links can be manually created by running yadm alt.
|
|
|
|
|
|
|
|
|
|
## ENCRYPTION
|
|
|
|
|
It can be useful to manage confidential files, like SSH keys, across
|
|
|
|
|
multiple systems. However, doing so would put plain text data into a
|
|
|
|
|
Git repository, which often resides on a public system. yadm imple-
|
|
|
|
|
ments a feature which can make it easy to encrypt and decrypt a set of
|
|
|
|
|
files so the encrypted version can be maintained in the Git repository.
|
|
|
|
|
This feature will only work if the gpg(1) command is available.
|
|
|
|
|
It can be useful to manage confidential files, like SSH or GPG keys,
|
|
|
|
|
across multiple systems. However, doing so would put plain text data
|
|
|
|
|
into a Git repository, which often resides on a public system. yadm
|
|
|
|
|
implements a feature which can make it easy to encrypt and decrypt a
|
|
|
|
|
set of files so the encrypted version can be maintained in the Git
|
|
|
|
|
repository. This feature will only work if the gpg(1) command is
|
|
|
|
|
available.
|
|
|
|
|
|
|
|
|
|
To use this feature, a list of patterns must be created and saved as
|
|
|
|
|
$HOME/.yadm/encrypt. This list of patterns should be relative to the
|
|
|
|
|
configured work-tree (usually $HOME). For example:
|
|
|
|
|
|
|
|
|
|
.ssh/*.key
|
|
|
|
|
.gnupg/*.gpg
|
|
|
|
|
|
|
|
|
|
The yadm encrypt command will find all files matching the patterns, and
|
|
|
|
|
prompt for a password. Once a password has confirmed, the matching
|
|
|
|
@ -240,6 +246,8 @@
|
|
|
|
|
|
|
|
|
|
- The SSH directory and files, .ssh/*
|
|
|
|
|
|
|
|
|
|
- The GPG directory and files, .gnupg/*
|
|
|
|
|
|
|
|
|
|
yadm will automatically update permissions by default. This can be dis-
|
|
|
|
|
abled using the yadm.auto-perms configuration. Even if disabled, per-
|
|
|
|
|
missions can be manually updated by running yadm perms. The SSH direc-
|
|
|
|
|