#!/bin/sh # yadm - Yet Another Dotfiles Manager # Copyright (C) 2015 Tim Byrne # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, version 3 of the License. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . #; execute script with bash (shebang line is /bin/sh for portability) if [ -z "$BASH_VERSION" ]; then [ "$YADM_TEST" != 1 ] && exec bash "$0" "$@" fi VERSION=1.05 YADM_WORK="$HOME" YADM_DIR="$HOME/.yadm" YADM_REPO="repo.git" YADM_CONFIG="config" YADM_ENCRYPT="encrypt" YADM_ARCHIVE="files.gpg" GPG_PROGRAM="gpg" LS_PROGRAM="/bin/ls" #; flag when something may have changes (which prompts auto actions to be performed) CHANGES_POSSIBLE=0 function main() { require_git #; create the YADM_DIR if it doesn't exist yet [ -d "$YADM_DIR" ] || mkdir -p "$YADM_DIR" #; parse command line arguments local retval=0 internal_commands="^(alt|clean|clone|config|decrypt|encrypt|help|init|list|perms|version)$" if [ -z "$*" ] ; then #; no argumnts will result in help() help elif [[ "$1" =~ $internal_commands ]] ; then #; for internal commands, process all of the arguments YADM_COMMAND="$1" YADM_ARGS=() shift while [[ $# -gt 0 ]] ; do key="$1" case $key in -a) #; used by list() LIST_ALL="YES" ;; -d) #; used by all commands DEBUG="YES" ;; -f) #; used by init() and clone() FORCE="YES" ;; -l) #; used by decrypt() DO_LIST="YES" ;; -w) #; used by init() and clone() if [[ ! "$2" =~ ^/ ]] ; then error_out "You must specify a fully qualified work tree" fi YADM_WORK="$2" shift ;; *) #; any unhandled arguments YADM_ARGS+=("$1") ;; esac shift done [ ! -d "$YADM_WORK" ] && error_out "Work tree does not exist: [$YADM_WORK]" $YADM_COMMAND "${YADM_ARGS[@]}" else #; any other commands are simply passed through to git git_command "$@" retval="$?" fi #; process automatic events auto_alt auto_perms exit $retval } #; ****** yadm Commands ****** function alt() { require_repo #; regex for matching "##SYSTEM.HOSTNAME.USER" match_system=$(uname -s) match_host=$(hostname) match_host=${match_host%%.*} #; trim any domain from hostname match_user=$(id -u -n) match="^(.+)##($match_system|$match_system.$match_host|$match_system.$match_host.$match_user|())$" #; process relative to YADM_WORK YADM_WORK=$(git config core.worktree) cd "$YADM_WORK" || { debug "Alternates not processed, unable to cd to $YADM_WORK" return } #; only be noisy if the "alt" command was run directly [ "$YADM_COMMAND" = "alt" ] && loud="YES" #; loop over all "tracked" files #; for every file which matches the above regex, create a symlink last_linked='' local IFS=$'\n' for tracked_file in $(git ls-files | sort); do tracked_file="$YADM_WORK/$tracked_file" #; process both the path, and it's parent directory for alt_path in "$tracked_file" "${tracked_file%/*}"; do if [ -e "$alt_path" ] ; then if [[ $alt_path =~ $match ]] ; then if [ "$alt_path" != "$last_linked" ] ; then new_link="${BASH_REMATCH[1]}" debug "Linking $alt_path to $new_link" [ -n "$loud" ] && echo "Linking $alt_path to $new_link" ln -nfs "$alt_path" "$new_link" last_linked="$alt_path" fi fi fi done done } function clean() { error_out "\"git clean\" has been disabled for safety. You could end up removing all unmanaged files." } function clone() { #; clone will begin with a bare repo init #; add the specified remote, and configure the repo to track origin/master debug "Adding remote to new repo" git remote add origin "$1" debug "Configuring new repo to track origin/master" git config branch.master.remote origin git config branch.master.merge refs/heads/master #; fetch / merge (and possibly fallback to reset) debug "Doing an initial fetch of the origin" git fetch origin || { debug "Removing repo after failed clone" rm -rf "$YADM_REPO" error_out "Unable to fetch origin $1" } debug "Doing an initial merge of origin/master" git merge origin/master || { debug "Merge failed, doing a reset." git reset origin/master cat </dev/null)) fi done < "$YADM_ENCRYPT" #; report which files will be encrypted echo "Encrypting the following files:" "$LS_PROGRAM" -1 "${GLOBS[@]}" echo #; encrypt all files which match the globs if tar -f - -c "${GLOBS[@]}" | $GPG_PROGRAM --yes "${GPG_OPTS[@]}" --output "$YADM_ARCHIVE"; then echo "Wrote new file: $YADM_ARCHIVE" else error_out "Unable to write $YADM_ARCHIVE" fi #; offer to add YADM_ARCHIVE if untracked archive_status=$(git status --porcelain -uall "$YADM_ARCHIVE" 2>/dev/null) archive_regex="^\?\?" if [[ $archive_status =~ $archive_regex ]] ; then echo "It appears that $YADM_ARCHIVE is not tracked by yadm's repository." echo "Would you like to add it now? (y/n)" read -r answer if [[ $answer =~ ^[yY]$ ]] ; then git add "$YADM_ARCHIVE" fi fi CHANGES_POSSIBLE=1 } function git_command() { require_repo #; translate 'gitconfig' to 'config' -- 'config' is reserved for yadm if [ "$1" = "gitconfig" ] ; then set -- "config" "${@:2}" fi CHANGES_POSSIBLE=1 #; pass commands through to git git "$@" return "$?" } function help() { cat << EOF Usage: yadm [options...] Manage dotfiles maintained in a Git repository. Manage alternate files for specific systems or hosts. Encrypt/decrypt private files. Git Commands: Any Git command or alias can be used as a . It will operate on yadm's repository and files in the work tree (usually \$HOME). Commands: yadm init [-f] - Initialize an empty repository yadm clone [-f] - Clone an existing repository yadm config - Configure a setting yadm list [-a] - List tracked files yadm alt - Create links for alternates yadm encrypt - Encrypt files yadm decrypt [-l] - Decrypt files yadm perms - Fix perms for private files Files: \$HOME/.yadm/config - yadm's configuration file \$HOME/.yadm/repo.git - yadm's Git repository \$HOME/.yadm/encrypt - List of globs used for encrypt/decrypt \$HOME/.yadm/files.gpg - Encrypted data stored here Use "man yadm" for complete documentation. EOF exit 1 } function init() { #; safety check, don't attempt to init when the repo is already present [ -d "$YADM_REPO" ] && [ -z "$FORCE" ] && \ error_out "Git repo already exists. [$YADM_REPO]\nUse '-f' if you want to force it to be overwritten." #; remove existing if forcing the init to happen anyway [ -d "$YADM_REPO" ] && { debug "Removing existing repo prior to init" rm -rf "$YADM_REPO" } #; init a new bare repo debug "Init new repo" git init --shared=0600 --bare "$YADM_REPO" configure_repo CHANGES_POSSIBLE=1 } function list() { require_repo #; process relative to YADM_WORK when --all is specified if [ -n "$LIST_ALL" ] ; then YADM_WORK=$(git config core.worktree) cd "$YADM_WORK" || { debug "List not processed, unable to cd to $YADM_WORK" return } fi #; list tracked files git ls-files } function perms() { require_ls #; TODO: prevent repeats in the files changed #; process relative to YADM_WORK YADM_WORK=$(git config core.worktree) cd "$YADM_WORK" || { debug "Perms not processed, unable to cd to $YADM_WORK" return } GLOBS=() #; include the archive created by "encrypt" [ -f "$YADM_ARCHIVE" ] && GLOBS=("${GLOBS[@]}" "$YADM_ARCHIVE") #; include all .ssh files (unless disabled) if [[ $(config --bool yadm.ssh-perms) != "false" ]] ; then GLOBS=("${GLOBS[@]}" ".ssh" ".ssh/*") fi #; include all gpg files (unless disabled) if [[ $(config --bool yadm.gpg-perms) != "false" ]] ; then GLOBS=("${GLOBS[@]}" ".gnupg" ".gnupg/*") fi #; include globs found in YADM_ENCRYPT (if present) if [ -f "$YADM_ENCRYPT" ] ; then while IFS='' read -r glob || [ -n "$glob" ]; do if [[ ! $glob =~ ^# ]] ; then GLOBS=("${GLOBS[@]}" $(eval "$LS_PROGRAM" "$glob" 2>/dev/null)) fi done < "$YADM_ENCRYPT" fi #; remove group/other permissions from collected globs #shellcheck disable=SC2068 #(SC2068 is disabled because in this case, we desire globbing) chmod -f go-rwx ${GLOBS[@]} >/dev/null 2>&1 #; TODO: detect and report changing permissions in a portable way } function version() { echo "yadm $VERSION" exit 0 } #; ****** Utility Functions ****** function process_global_args() { #; global arguments are removed before the main processing is done MAIN_ARGS=() while [[ $# -gt 0 ]] ; do key="$1" case $key in -Y|--yadm-dir) #; override the standard YADM_DIR if [[ ! "$2" =~ ^/ ]] ; then error_out "You must specify a fully qualified yadm directory" fi YADM_DIR="$2" shift ;; --yadm-repo) #; override the standard YADM_REPO if [[ ! "$2" =~ ^/ ]] ; then error_out "You must specify a fully qualified repo path" fi YADM_OVERRIDE_REPO="$2" shift ;; --yadm-config) #; override the standard YADM_CONFIG if [[ ! "$2" =~ ^/ ]] ; then error_out "You must specify a fully qualified config path" fi YADM_OVERRIDE_CONFIG="$2" shift ;; --yadm-encrypt) #; override the standard YADM_ENCRYPT if [[ ! "$2" =~ ^/ ]] ; then error_out "You must specify a fully qualified encrypt path" fi YADM_OVERRIDE_ENCRYPT="$2" shift ;; --yadm-archive) #; override the standard YADM_ARCHIVE if [[ ! "$2" =~ ^/ ]] ; then error_out "You must specify a fully qualified archive path" fi YADM_OVERRIDE_ARCHIVE="$2" shift ;; *) #; main arguments are kept intact MAIN_ARGS+=("$1") ;; esac shift done } function configure_paths() { #; change all paths to be relative to YADM_DIR YADM_REPO="$YADM_DIR/$YADM_REPO" YADM_CONFIG="$YADM_DIR/$YADM_CONFIG" YADM_ENCRYPT="$YADM_DIR/$YADM_ENCRYPT" YADM_ARCHIVE="$YADM_DIR/$YADM_ARCHIVE" #; independent overrides for paths if [ -n "$YADM_OVERRIDE_REPO" ]; then YADM_REPO="$YADM_OVERRIDE_REPO" fi if [ -n "$YADM_OVERRIDE_CONFIG" ]; then YADM_CONFIG="$YADM_OVERRIDE_CONFIG" fi if [ -n "$YADM_OVERRIDE_ENCRYPT" ]; then YADM_ENCRYPT="$YADM_OVERRIDE_ENCRYPT" fi if [ -n "$YADM_OVERRIDE_ARCHIVE" ]; then YADM_ARCHIVE="$YADM_OVERRIDE_ARCHIVE" fi #; use the yadm repo for all git operations export GIT_DIR="$YADM_REPO" } function configure_repo() { debug "Configuring new repo" #; change bare to false (there is a working directory) git config core.bare 'false' #; set the worktree for the yadm repo git config core.worktree "$YADM_WORK" #; by default, do not show untracked files and directories git config status.showUntrackedFiles no #; possibly used later to ensure we're working on the yadm repo git config yadm.managed 'true' } function debug() { [ -n "$DEBUG" ] && echo -e "DEBUG: $*" } function error_out() { echo -e "ERROR: $*" exit 1 } #; ****** Auto Functions ****** function auto_alt() { #; process alternates if there are possible changes if [ "$CHANGES_POSSIBLE" = "1" ] ; then auto_alt=$(config --bool yadm.auto-alt) if [ "$auto_alt" != "false" ] ; then alt fi fi } function auto_perms() { #; process permissions if there are possible changes if [ "$CHANGES_POSSIBLE" = "1" ] ; then auto_perms=$(config --bool yadm.auto-perms) if [ "$auto_perms" != "false" ] ; then perms fi fi } #; ****** Prerequisites Functions ****** function require_archive() { [ -f "$YADM_ARCHIVE" ] || error_out "$YADM_ARCHIVE does not exist. did you forget to create it?" } function require_encrypt() { [ -f "$YADM_ENCRYPT" ] || error_out "$YADM_ENCRYPT does not exist. did you forget to create it?" } function require_git() { command -v git >/dev/null 2>&1 || \ error_out "This functionality requires Git to be installed, but the command git cannot be located." } function require_gpg() { local alt_gpg alt_gpg="$(config yadm.gpg-program)" local more_info more_info="" if [ "$alt_gpg" != "" ] ; then GPG_PROGRAM="$alt_gpg" more_info="\nThis command has been set via the yadm.gpg-program configuration." fi command -v "$GPG_PROGRAM" >/dev/null 2>&1 || \ error_out "This functionality requires GPG to be installed, but the command '$GPG_PROGRAM' cannot be located.$more_info" } function require_repo() { [ -d "$YADM_REPO" ] || error_out "Git repo does not exist. did you forget to run 'init' or 'clone'?" } function require_ls() { if [ ! -f "$LS_PROGRAM" ] ; then command -v ls >/dev/null 2>&1 || \ error_out "This functionality requires 'ls' to be installed at '$LS_PROGRAM' or listed in your \$PATH" LS_PROGRAM=ls fi } #; ****** Main processing (when not unit testing) ****** if [ "$YADM_TEST" != 1 ] ; then process_global_args "$@" configure_paths main "${MAIN_ARGS[@]}" fi