Git-crypt
From wikinotes
Encrypt select files within a git repo.
Designed for encrypting few/select files within a git repo, rather than the entire repo.
You may also be interested in encfs and vim-gnupg.
Documentation
official docs https://github.com/AGWA/git-crypt/wiki github https://github.com/AGWA/git-crypt
Tutorials
dev https://dev.to/heroku/how-to-manage-your-secrets-with-git-crypt-56ih
Install
sudo pacman -S git-crypt
Configuration
Repo Setup
# create repo mkdir myrepo cd myrepo git init git-crypt init# .gitattributes # specify files to encrypt *.rst filter=git-crypt diff=git-crypt# add GPG key to encrypt files with git-crypt add-gpg-user user@domain.com # email specified in gpgkey being used # export git-crypt's key so that you have a backup (?) git-crypt export-key ~/gitcryptkeyMigrating docs to new GPG keys
# haven't tried this yet, but it looks like it might be git-encrypt migrate-keyUnofficial git merge support
See https://github.com/AGWA/git-crypt/issues/140
# ${REPO}/gitcrypt-merge #!/usr/bin/env bash ancestor_decrypted="$1__decrypt" current_decrypted="$2__decrypt" other_decrypted="$3__decrypt" echo "" echo "###########################" echo "# Git crypt driver called #" echo "###########################" echo "" echo "Decrypting ancestor file..." cat $1 | git-crypt smudge > "${ancestor_decrypted}" echo "Decrypting current file..." cat $2 | git-crypt smudge > "${current_decrypted}" echo "Decrypting other file..." cat $3 | git-crypt smudge > "${other_decrypted}" echo "" echo "Merging ..." git merge-file -L "current branch" -L "ancestor branch" -L "other branch" "${current_decrypted}" "${ancestor_decrypted}" "${other_decrypted}" exit_code=$? cat "${current_decrypted}" | git-crypt clean > $2 echo "Removing temporary files..." rm "${other_decrypted}" "${ancestor_decrypted}" "${current_decrypted}" if [ "$exit_code" -eq "0" ] then echo "@@@ No conflict!" else echo "@@@ You need to solve some conflicts..." fi exit $exit_code# ${REPO}/.gitattributes crypt/** filter=git-crypt diff=git-crypt merge=git-crypt
Usage
git crypt lock git crypt unlock git crypt status # show encrypted/non-encrypted status of files