The syntax is '{% include "file" %}' where file is either an absolute path or a
path relative to the current template file's directory.
Variables in the included file will be replaced as for the main template. But
the included file can't include files itself.
The newer versions (OpenSSL 1.1.1 or LibreSSL 2.9.1) support the pbkdf2
key derivation function, while older versions do not. In addition the
new versions have changed the default digest to SHA256 instead of MD5.
Files encrypted with older versions would throw warnings about
deprecated key derivation used files encrypted with newer versions +
pbkdf2 would not be decryptable using older versions These problems
matter, when many users maintain their dotfiles across different systems
with different levels of OpenSSL support.
A new boolean config option has been added, yadm.openssl-old
* If false, use options -pbkdf2 -iter 100000 -md sha512
* If true, use options -md md5 (and if decrypting with newer versions
warnings will be printed)
Adjusts the file mode check for BSD based systems as default BSD stat
uses "-f '%p'" to report the file mode. Also since `stat -p '%p'
"$filename"` reports more information than just read, write, execute
perms, pipe the output through `cut` to grab only the last three digits.
Signed-off-by: Adam Jimerson <vendion@gmail.com>
Update version number and update documentation
* Support for transcrypt (#197)
* Support ESH templates (#220)
* Preserve file mode of template (#193)
* Fish shell completions (#224)
* Fix alt processing when worktree is `/` (#198)
* Assert config directory if missing (#226, #227)
* Documentation improvements (#229)
FixesTheLocehiliosan/yadm#226
When a config file path is passed to yadm whose parent directory does
not exist, git (and hence yadm) fails without writing the file.
Yadm should, however, make sure that the directory exists s.t. git can
just write to the file.
This allows to version the configuration, using alt and to still be
able to use those configuration values in esh template
(using <% yamd config some-config %> )
This patch implements an OpenSSL cypher (via openssl enc command). It has to be enabled using yadm.cypher configuration key.
Some rough edges:
- archive file refers to GPG (.gpg extension)
- no test cases
Support is inherently provided by `enter`, which supports a command.
I've added a `transcrypt` command, which is really just an alias
under-the-hood for "enter transcrypt".
Update version number and update documentation
* Support multiple keys in `yadm.gpg-recipient` (#139)
* Ensure all templates are written atomically (#142)
* Add encrypt_with_checksums to the hooks collection (#188)
* Escape white space in YADM_HOOK_FULL_COMMAND (#187)
* Improve parsing of os-release (#194)
* Improve identification of WSL (#196)
* Fix troff warnings emitted by man page (#195)
* Write encrypt-based exclusions during decrypt
This takes jonasc's change, and applies it to all template writing. Also
removes the dependency on mktemp, and only moves files if they are
successfully written.
This prevents problems with programs which watch the file for changes and will
first be presented an empty file.
One such example which will show a notification message about an empty config
file is Alacritty.
By writing to a tempory file and then moving it (atomically?) to the real
location this problem is mitigated.
Update version number and update documentation
* Support git-crypt (#168)
* Support specifying a command after `yadm enter`
* Expose GIT_WORK_TREE during `yadm enter` (#160)
* Support GNUPGHOME environment variable (#134)
* Assert private dirs, only when worktree = $HOME (#171)
Support is inherently provided by `enter`, which now supports a command.
I've added a `git-crypt` command, which is really just an alias
under-the-hood for "enter git-crypt".
Update version number and update documentation
* Resolve hostname using `uname -n` (#182)
* Use /etc/os-release if lsb_release is missing (#175)
* Issue warning for any invalid alternates found (#183)
* Add support for gawk (#180)
Update version number and update documentation
* Use relative symlinks for alternates (#100, #177)
* Support double-star globs in .config/yadm/encrypt (#109)
* Improve bash completion (#136)
* Update docs about using magit (#123)
* Note exception for WSL (#113)
Update version number and update documentation
* Support XDG base directory specification
* Redesign alternate processing
* Add built-in default template processor
* Allow storing alternates in yadm dir (#90)
* Add support for j2cli template processor
* Ignore encrypted files (#69)
* Support DISTRO in alternates (#72)
* Support `source` in templates (#163)
* Change yadm.cygwin-copy to yadm.alt-copy
* Support `-b <branch>` when cloning (#133)
* Support includes for j2-based templates (#114)
* Remove stale/invalid linked alternates (#65)
* Add support for Mingw/Msys (#102)
* Allow `-l` to pass thru to the `yadm config` command
* Improve processing of `yadm/encrypt`
* Fix bugs in legacy alternate processing
* Fix bug with hidden private files
* Improve support for older versions of Git
* Add upgrade command
This change allows alternates to be stored in "$YADM_DIR/alt". The
correct path within the work tree will be symlinked.
Storing alternates within the work tree is still allowed. Both locations
will be considered when choosing an appropriate alternate file.
A new variable is exposed to templates, which holds the filename of the
template source. The primary use case is to be able to include a warning
message within the template. For example:
# Do not edit. This file auto-generated from {{ yadm.source }}.
