#!/bin/bash
# yadm - Yet Another Dotfiles Manager
# Copyright (C) 2015 Tim Byrne
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
VERSION=1.04
YADM_WORK="$HOME"
YADM_DIR="$HOME/.yadm"
YADM_REPO="repo.git"
YADM_CONFIG="config"
YADM_ENCRYPT="encrypt"
YADM_ARCHIVE="files.gpg"
#; flag when something may have changes (which prompts auto actions to be performed)
CHANGES_POSSIBLE=0
function main() {
require_git
#; create the YADM_DIR if it doesn't exist yet
[ -d "$YADM_DIR" ] || mkdir -p "$YADM_DIR"
#; parse command line arguments
internal_commands="^(alt|clean|clone|config|decrypt|encrypt|help|init|list|perms|version)$"
if [ -z "$*" ] ; then
#; no argumnts will result in help()
help
elif [[ "$1" =~ $internal_commands ]] ; then
#; for internal commands, process all of the arguments
YADM_COMMAND="$1"
YADM_ARGS=()
shift
while [[ $# -gt 0 ]] ; do
key="$1"
case $key in
-a) #; used by list()
LIST_ALL="YES"
;;
-d) #; used by all commands
DEBUG="YES"
;;
-f) #; used by init() and clone()
FORCE="YES"
;;
-l) #; used by decrypt()
DO_LIST="YES"
;;
-w) #; used by init() and clone()
if [[ ! "$2" =~ ^/ ]] ; then
error_out "You must specify a fully qualified work tree"
fi
YADM_WORK="$2"
shift
;;
*) #; any unhandled arguments
YADM_ARGS+=("$1")
;;
esac
shift
done
[ ! -d "$YADM_WORK" ] && error_out "Work tree does not exist: [$YADM_WORK]"
$YADM_COMMAND "${YADM_ARGS[@]}"
else
#; any other commands are simply passed through to git
git_command "$@"
fi
#; process automatic events
auto_alt
auto_perms
exit 0
}
#; ****** yadm Commands ******
function alt() {
require_repo
#; regex for matching "<file>##SYSTEM.HOSTNAME.USER"
match_system=$(uname -s)
match_host=$(hostname -s)
match_user=$(id -u -n)
match="^(.+)##($match_system|$match_system.$match_host|$match_system.$match_host.$match_user|())$"
#; process relative to YADM_WORK
YADM_WORK=$(git config core.worktree)
cd "$YADM_WORK" || {
debug "Alternates not processed, unable to cd to $YADM_WORK"
return
}
#; only be noisy if the "alt" command was run directly
[ "$YADM_COMMAND" = "alt" ] && loud="YES"
#; loop over all "tracked" files
#; for every file which matches the above regex, create a symlink
for tracked_file in $(git ls-files | sort); do
tracked_file="$YADM_WORK/$tracked_file"
if [ -e "$tracked_file" ] ; then
if [[ $tracked_file =~ $match ]] ; then
new_link="${BASH_REMATCH[1]}"
debug "Linking $tracked_file to $new_link"
[ -n "$loud" ] && echo "Linking $tracked_file to $new_link"
ln -fs "$tracked_file" "$new_link"
fi
fi
done
}
function clean() {
error_out "\"git clean\" has been disabled for safety. You could end up removing all unmanaged files."
}
function clone() {
#; clone will begin with a bare repo
init
#; add the specified remote, and configure the repo to track origin/master
debug "Adding remote to new repo"
git remote add origin "$1"
debug "Configuring new repo to track origin/master"
git config branch.master.remote origin
git config branch.master.merge refs/heads/master
#; fetch / merge (and possibly fallback to reset)
debug "Doing an initial fetch of the origin"
git fetch origin || {
debug "Removing repo after failed clone"
rm -rf "$YADM_REPO"
error_out "Unable to fetch origin $1"
}
debug "Doing an initial merge of origin/master"
git merge origin/master || {
debug "Merge failed, doing a reset."
git reset origin/master
cat <<EOF
**NOTE**
Merging origin/master failed.
yadm did 'reset origin/master' instead.
This likely happened because you had files in your
work-tree, which conflict files tracked by origin/master
Please review and resolve any differences appropriately
If you know what you're doing, and want to overwrite the
tracked files, consider 'yadm reset --hard origin/master'
EOF
}
CHANGES_POSSIBLE=1
}
function config() {
#; ensure we have a file, even if empty
[ -f "$YADM_CONFIG" ] || touch "$YADM_CONFIG"
if [ -z "$*" ] ; then
#; with no parameters, provide some helpful documentation
echo TODO: Print help about available yadm configurations
else
#; operate on the yadm configuration file
git config --file="$YADM_CONFIG" "$@"
fi
}
function decrypt() {
require_gpg
require_archive
YADM_WORK=$(git config core.worktree)
if [ "$DO_LIST" = "YES" ] ; then
tar_option="t"
else
tar_option="x"
fi
#; decrypt the archive
(gpg -d "$YADM_ARCHIVE" || echo 1) | tar v$tar_option -C "$YADM_WORK"
if [ $? = 0 ] ; then
[ ! "$DO_LIST" = "YES" ] && echo "All files decrypted."
else
error_out "Unable to extract encrypted files."
fi
CHANGES_POSSIBLE=1
}
function encrypt() {
require_gpg
require_encrypt
#; process relative to YADM_WORK
YADM_WORK=$(git config core.worktree)
cd "$YADM_WORK" || {
debug "Encryption not processed, unable to cd to $YADM_WORK"
return
}
#; Build gpg options for gpg
GPG_KEY="$(config yadm.gpg-recipient)"
if [ "$GPG_KEY" = "ASK" ]; then
GPG_OPTS=("--no-default-recipient" "-e")
elif [ "$GPG_KEY" != "" ]; then
GPG_OPTS=("-e" "-r $GPG_KEY")
else
GPG_OPTS=("-c")
fi
#; build a list of globs from YADM_ENCRYPT
GLOBS=()
while IFS='' read -r glob || [ -n "$glob" ]; do
if [[ ! $glob =~ ^# ]] ; then
GLOBS=("${GLOBS[@]}" $(eval /bin/ls "$glob" 2>/dev/null))
fi
done < "$YADM_ENCRYPT"
#; report which files will be encrypted
echo "Encrypting the following files:"
ls -1 "${GLOBS[@]}"
echo
#; encrypt all files which match the globs
tar -c "${GLOBS[@]}" | gpg --yes "${GPG_OPTS[@]}" --output "$YADM_ARCHIVE"
if [ $? = 0 ]; then
echo "Wrote new file: $YADM_ARCHIVE"
else
error_out "Unable to write $YADM_ARCHIVE"
fi
#; offer to add YADM_ARCHIVE if untracked
archive_status=$(git status --porcelain -uall "$YADM_ARCHIVE" 2>/dev/null)
archive_regex="^\?\?"
if [[ $archive_status =~ $archive_regex ]] ; then
echo "It appears that $YADM_ARCHIVE is not tracked by yadm's repository."
echo "Would you like to add it now? (y/n)"
read -r answer
if [[ $answer =~ ^[yY]$ ]] ; then
git add "$YADM_ARCHIVE"
fi
fi
CHANGES_POSSIBLE=1
}
function git_command() {
require_repo
#; translate 'gitconfig' to 'config' -- 'config' is reserved for yadm
if [ "$1" = "gitconfig" ] ; then
set -- "config" "${@:2}"
fi
#; pass commands through to git
git "$@"
CHANGES_POSSIBLE=1
}
function help() {
cat << EOF
Usage: yadm <command> [options...]
Manage dotfiles maintained in a Git repository. Manage alternate files
for specific systems or hosts. Encrypt/decrypt private files.
Git Commands:
Any Git command or alias can be used as a <command>. It will operate
on yadm's repository and files in the work tree (usually \$HOME).
Commands:
yadm init [-f] - Initialize an empty repository
yadm clone <url> [-f] - Clone an existing repository
yadm config <name> <value> - Configure a setting
yadm list [-a] - List tracked files
yadm alt - Create links for alternates
yadm encrypt - Encrypt files
yadm decrypt [-l] - Decrypt files
yadm perms - Fix perms for private files
Files:
\$HOME/.yadm/config - yadm's configuration file
\$HOME/.yadm/repo.git - yadm's Git repository
\$HOME/.yadm/encrypt - List of globs used for encrypt/decrypt
\$HOME/.yadm/files.gpg - Encrypted data stored here
Use "man yadm" for complete documentation.
EOF
exit 1
}
function init() {
#; safety check, don't attempt to init when the repo is already present
[ -d "$YADM_REPO" ] && [ -z "$FORCE" ] && \
error_out "Git repo already exists. [$YADM_REPO]\nUse '-f' if you want to force it to be overwritten."
#; remove existing if forcing the init to happen anyway
[ -d "$YADM_REPO" ] && {
debug "Removing existing repo prior to init"
rm -rf "$YADM_REPO"
}
#; init a new bare repo
debug "Init new repo"
git init --shared=0600 --bare "$YADM_REPO"
configure_repo
CHANGES_POSSIBLE=1
}
function list() {
require_repo
#; process relative to YADM_WORK when --all is specified
if [ -n "$LIST_ALL" ] ; then
YADM_WORK=$(git config core.worktree)
cd "$YADM_WORK" || {
debug "List not processed, unable to cd to $YADM_WORK"
return
}
fi
#; list tracked files
git ls-files
}
function perms() {
#; TODO: prevent repeats in the files changed
#; process relative to YADM_WORK
YADM_WORK=$(git config core.worktree)
cd "$YADM_WORK" || {
debug "Perms not processed, unable to cd to $YADM_WORK"
return
}
GLOBS=()
#; include the archive created by "encrypt"
[ -f "$YADM_ARCHIVE" ] && GLOBS=("${GLOBS[@]}" "$YADM_ARCHIVE")
#; include all .ssh files (unless disabled)
if [[ $(config --bool yadm.ssh-perms) != "false" ]] ; then
GLOBS=("${GLOBS[@]}" ".ssh" ".ssh/*")
fi
#; include all gpg files (unless disabled)
if [[ $(config --bool yadm.gpg-perms) != "false" ]] ; then
GLOBS=("${GLOBS[@]}" ".gnupg" ".gnupg/*")
fi
#; include globs found in YADM_ENCRYPT (if present)
if [ -f "$YADM_ENCRYPT" ] ; then
while IFS='' read -r glob || [ -n "$glob" ]; do
if [[ ! $glob =~ ^# ]] ; then
GLOBS=("${GLOBS[@]}" $(eval /bin/ls "$glob" 2>/dev/null))
fi
done < "$YADM_ENCRYPT"
fi
#; remove group/other permissions from collected globs
#shellcheck disable=SC2068
#(SC2068 is disabled because in this case, we desire globbing)
chmod -f go-rwx ${GLOBS[@]} >/dev/null 2>&1
#; TODO: detect and report changing permissions in a portable way
}
function version() {
echo "yadm $VERSION"
exit 0
}
#; ****** Utility Functions ******
function process_global_args() {
#; global arguments are removed before the main processing is done
MAIN_ARGS=()
while [[ $# -gt 0 ]] ; do
key="$1"
case $key in
-Y|--yadm-dir) #; override the standard YADM_DIR
if [[ ! "$2" =~ ^/ ]] ; then
error_out "You must specify a fully qualified yadm directory"
fi
YADM_DIR="$2"
shift
;;
--yadm-repo) #; override the standard YADM_REPO
if [[ ! "$2" =~ ^/ ]] ; then
error_out "You must specify a fully qualified repo path"
fi
YADM_OVERRIDE_REPO="$2"
shift
;;
--yadm-config) #; override the standard YADM_CONFIG
if [[ ! "$2" =~ ^/ ]] ; then
error_out "You must specify a fully qualified config path"
fi
YADM_OVERRIDE_CONFIG="$2"
shift
;;
--yadm-encrypt) #; override the standard YADM_ENCRYPT
if [[ ! "$2" =~ ^/ ]] ; then
error_out "You must specify a fully qualified encrypt path"
fi
YADM_OVERRIDE_ENCRYPT="$2"
shift
;;
--yadm-archive) #; override the standard YADM_ARCHIVE
if [[ ! "$2" =~ ^/ ]] ; then
error_out "You must specify a fully qualified archive path"
fi
YADM_OVERRIDE_ARCHIVE="$2"
shift
;;
*) #; main arguments are kept intact
MAIN_ARGS+=("$1")
;;
esac
shift
done
}
function configure_paths() {
#; change all paths to be relative to YADM_DIR
YADM_REPO="$YADM_DIR/$YADM_REPO"
YADM_CONFIG="$YADM_DIR/$YADM_CONFIG"
YADM_ENCRYPT="$YADM_DIR/$YADM_ENCRYPT"
YADM_ARCHIVE="$YADM_DIR/$YADM_ARCHIVE"
#; independent overrides for paths
if [ -n "$YADM_OVERRIDE_REPO" ]; then
YADM_REPO="$YADM_OVERRIDE_REPO"
fi
if [ -n "$YADM_OVERRIDE_CONFIG" ]; then
YADM_CONFIG="$YADM_OVERRIDE_CONFIG"
fi
if [ -n "$YADM_OVERRIDE_ENCRYPT" ]; then
YADM_ENCRYPT="$YADM_OVERRIDE_ENCRYPT"
fi
if [ -n "$YADM_OVERRIDE_ARCHIVE" ]; then
YADM_ARCHIVE="$YADM_OVERRIDE_ARCHIVE"
fi
#; use the yadm repo for all git operations
export GIT_DIR="$YADM_REPO"
}
function configure_repo() {
debug "Configuring new repo"
#; change bare to false (there is a working directory)
git config core.bare 'false'
#; set the worktree for the yadm repo
git config core.worktree "$YADM_WORK"
#; by default, do not show untracked files and directories
git config status.showUntrackedFiles no
#; possibly used later to ensure we're working on the yadm repo
git config yadm.managed 'true'
}
function debug() {
[ -n "$DEBUG" ] && echo -e "DEBUG: $*"
}
function error_out() {
echo -e "ERROR: $*"
exit 1
}
#; ****** Auto Functions ******
function auto_alt() {
#; process alternates if there are possible changes
if [ "$CHANGES_POSSIBLE" = "1" ] ; then
auto_alt=$(config --bool yadm.auto-alt)
if [ "$auto_alt" != "false" ] ; then
alt
fi
fi
}
function auto_perms() {
#; process permissions if there are possible changes
if [ "$CHANGES_POSSIBLE" = "1" ] ; then
auto_perms=$(config --bool yadm.auto-perms)
if [ "$auto_perms" != "false" ] ; then
perms
fi
fi
}
#; ****** Prerequisites Functions ******
function require_archive() {
[ -f "$YADM_ARCHIVE" ] || error_out "$YADM_ARCHIVE does not exist. did you forget to create it?"
}
function require_encrypt() {
[ -f "$YADM_ENCRYPT" ] || error_out "$YADM_ENCRYPT does not exist. did you forget to create it?"
}
function require_git() {
command -v git >/dev/null 2>&1 || \
error_out "This functionality requires Git to be installed, but the command git cannot be located."
}
function require_gpg() {
command -v gpg >/dev/null 2>&1 || \
error_out "This functionality requires GPG to be installed, but the command gpg cannot be located."
}
function require_repo() {
[ -d "$YADM_REPO" ] || error_out "Git repo does not exist. did you forget to run 'init' or 'clone'?"
}
#; ****** Main processing (when not unit testing) ******
if [ "$YADM_TEST" != 1 ] ; then
process_global_args "$@"
configure_paths
main "${MAIN_ARGS[@]}"
fi