diff --git a/README.md b/README.md index 37e9f69..7f5755f 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ I manage my dotfiles using [dotdrop](https://github.com/deadc0de6/dotdrop). ### Script > [!IMPORTANT] -> Copy ssh public/private key for age, to encrypt/decrypt files to `~/.ssh/identities/phg-age-dotfiles` and `~/.ssh/identities/phg-age-dotfiles.pub` +> Copy ssh public/private key for age, to encrypt/decrypt files to `~/.age/phg-age-dotfiles` and `~/.age/phg-age-dotfiles.pub` > Otherwise empty files will be created instead. ```shell @@ -39,7 +39,7 @@ I manage my dotfiles using [dotdrop](https://github.com/deadc0de6/dotdrop). brew bundle install --file=~/.files/bootstrap/Brewfile ``` 3. Install `drotdrop` via `uv` (`uv tool install --allow-python-downloads --python 3.11 dotdrop`). -4. Copy ssh public/private key for age, to encrypt/decrypt files to `~/.ssh/identities/phg-age-dotfiles` and `~/.ssh/identities/phg-age-dotfiles.pub` +4. Copy ssh public/private key for age, to encrypt/decrypt files to `~/.age/phg-age-dotfiles` and `~/.age/phg-age-dotfiles.pub` 5. Clone dotfiles, install dependencies for dotdrop and install dotfiles. ```shell git clone https://github.com/shokinn/.files ~/.files \ @@ -63,19 +63,39 @@ Installs/updates will now be automatically decrypted/encrypted. ### Decrypt a dotfile manually ```shell -age --decrypt -i ~/.ssh/identities/phg-age-dotfiles -o +age --decrypt -i ~/.age/phg-age-dotfiles -o ``` ### Encrypt a dotfile manually ```shell -cat | age -R ~/.ssh/identities/phg-age-dotfiles.pub > +cat | age -a -R ~/.age/phg-age-dotfiles.pub > ``` ### Edit an encrypted dotfile -TBD +1. Install [age-edit](https://github.com/dbohdan/age-edit) +#### Manual command + +**Default editor:** + +```shell +age-edit -t /tmp/ -M -a ~/.age/phg-age-dotfiles +``` + +**VS Code as editor:** + +```shell +age-edit -e "${HOME}/.local/bin/codew" -t /tmp/ -M -a ~/.age/phg-age-dotfiles +``` + +#### Aliases for file editing + +- `ade` uses the default editor +- `cade` uses vs code for editing the file + +Both aliases are configured via my `.zshrc`. ## Backup/Restore settings for macOS native user preferences diff --git a/config.yaml b/config.yaml index 1dd65a9..65dc1fd 100644 --- a/config.yaml +++ b/config.yaml @@ -3,15 +3,15 @@ config: create: true dotpath: dotfiles variables: - ageidentity: ${{HOME}}/.ssh/identities/phg-age-dotfiles - SHELL_ERR_MESSAGE: '\033[41;30m' - SHELL_RESET_COLOR: '\033[0m' + ageidentity: ${{HOME}}/.age/phg-age-dotfiles + SHELL_ERR_MESSAGE: \033[41;30m + SHELL_RESET_COLOR: \033[0m trans_install: _decrypt: | [[ -f {{@@ ageidentity @@}} ]] && age --decrypt -i {{@@ ageidentity @@}} -o {1} {0} || ([[ ! -f {{@@ _dotfile_abs_dst @@}} ]] && (echo "{{@@ SHELL_ERR_MESSAGE @@}}Missing age identity file {{@@ ageidentity @@}}, cannot decrypt {0}, creating empty file instead{{@@ SHELL_RESET_COLOR @@}}"; echo "" > {1}) || (echo "{{@@ SHELL_ERR_MESSAGE @@}}Missing age identity file {{@@ ageidentity @@}}, cannot decrypt {0}{{@@ SHELL_RESET_COLOR @@}}"; cp {{@@ _dotfile_abs_dst @@}} {1})) trans_update: _encrypt: | - [[ -f {{@@ ageidentity @@}}.pub ]] && cat {0} | age -R {{@@ ageidentity @@}}.pub > {1} || echo "{{@@ SHELL_ERR_MESSAGE @@}}Missing age identity file {{@@ ageidentity @@}}.pub, cannot encrypt {0}{{@@ SHELL_RESET_COLOR @@}}" + [[ -f {{@@ ageidentity @@}}.pub ]] && cat {0} | age -a -R {{@@ ageidentity @@}}.pub > {1} || echo "{{@@ SHELL_ERR_MESSAGE @@}}Missing age identity file {{@@ ageidentity @@}}.pub, cannot encrypt {0}{{@@ SHELL_RESET_COLOR @@}}" actions: oh-my-zsh: | [[ ! -d ${{HOME}}/.oh-my-zsh ]] && sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" "" --unattended || echo "do nothing" >/dev/null @@ -163,6 +163,10 @@ dotfiles: dst: ~/.finicky.js trans_install: _decrypt trans_update: _encrypt + f_codew: + src: local/bin/codew + dst: ~/.local/bin/codew + chmod: '700' profiles: meta_base: variables: @@ -172,6 +176,7 @@ profiles: dotfiles: - d_colors - f_agenix_helper + - f_codew - f_commonfunc - f_config - f_p10k_mise diff --git a/config/Firefox/sidebery-data-2025.10.02-18.02.01.json.age b/config/Firefox/sidebery-data-2025.10.02-18.02.01.json.age index fab4206..66039b5 100644 Binary files a/config/Firefox/sidebery-data-2025.10.02-18.02.01.json.age and b/config/Firefox/sidebery-data-2025.10.02-18.02.01.json.age differ diff --git a/dotfiles/finicky.js b/dotfiles/finicky.js index 3d82bbf..d49ee3e 100644 Binary files a/dotfiles/finicky.js and b/dotfiles/finicky.js differ diff --git a/dotfiles/local/bin/codew b/dotfiles/local/bin/codew new file mode 100755 index 0000000..3ece04d --- /dev/null +++ b/dotfiles/local/bin/codew @@ -0,0 +1,7 @@ +#!/usr/bin/env zsh + +# +# {{@@ header() @@}} +# + +code -w ${@} diff --git a/dotfiles/zshrc b/dotfiles/zshrc index 8751df7..3837556 100644 --- a/dotfiles/zshrc +++ b/dotfiles/zshrc @@ -184,6 +184,8 @@ alias agenix='RULES='\''./secrets/secrets.nix'\'' agenix' alias agenix-edit="agenix -i {{@@ env['HOME'] @@}}/.ssh/identities/agenix-phg -e" alias ane='agenix-edit' alias cane="EDITOR='code -w' agenix-edit" +alias ade='age-edit -t /tmp/ -M -a {{@@ env['HOME'] @@}}/.age/phg-age-dotfiles' +alias cade='age-edit -e "${HOME}/.local/bin/codew" -t /tmp/ -M -a {{@@ env['HOME'] @@}}/.age/phg-age-dotfiles' alias du="duf" alias ssh-no-check="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" alias ssh-strongbox-keys="SSH_AUTH_SOCK=~/Library/Group\ Containers/group.strongbox.mac.mcguill/agent.sock ssh-add -l"