add README and examples

2020-09-03 13:16:44 -07:00 · 2020-09-03 13:16:44 -07:00 · adc97bd3c5
commit adc97bd3c5
parent de367934a7
11 changed files with 146 additions and 80 deletions
--- a/pkgs/agenix.nix
+++ b/pkgs/agenix.nix
@ -6,16 +6,19 @@ PACKAGE="agenix"
 function show_help () {
  echo "$PACKAGE - edit and rekey age secret files"
  echo " "
-  echo "$PACKAGE -e FILE"
-  echo "$PACKAGE -r"
+  echo "$PACKAGE -e FILE [-i PRIVATE_KEY]"
+  echo "$PACKAGE -r [-i PRIVATE_KEY]"
  echo ' '
  echo 'options:'
  echo '-h, --help                show help'
  echo '-e, --edit FILE           edits FILE using $EDITOR'
  echo '-r, --rekey               re-encrypts all secrets with specified recipients'
+  echo '-i, --identity            identity to use when decrypting'
  echo ' '
  echo 'FILE an age-encrypted file'
  echo ' '
+  echo 'PRIVATE_KEY a path to a private SSH key used to decrypt file'
+  echo ' '
  echo 'EDITOR environment variable of editor to use when editing FILE'
  echo ' '
  echo 'RULES environment variable with path to YAML file specifying recipient public keys.'
@ -25,6 +28,7 @@ function show_help () {
 test $# -eq 0 && (show_help && exit 1)

 REKEY=0
+DECRYPT=(--decrypt)

 while test $# -gt 0; do
  case "$1" in
@ -37,7 +41,17 @@ while test $# -gt 0; do
      if test $# -gt 0; then
        export FILE=$1
      else
-        echo "no file specified"
+        echo "no FILE specified"
+        exit 1
+      fi
+      shift
+      ;;
+    -i|--identity)
+      shift
+      if test $# -gt 0; then
+        DECRYPT+=(--identity "$1")
+      else
+        echo "no PRIVATE_KEY specified"
        exit 1
      fi
      shift
@ -81,7 +95,6 @@ function edit {

    if [ -f "$FILE" ]
    then
-        DECRYPT=(--decrypt)
        while IFS= read -r key
        do
            DECRYPT+=(--identity "$key")
--- a/pkgs/agenix.sh
+++ b/pkgs/agenix.sh
@ -1,49 +0,0 @@
-#! /usr/bin/env nix-shell
-#! nix-shell -i bash -p age yq-go moreutils
-
-while test $# -gt 0; do
-  case "$1" in
-    -h|--help)
-      echo "$package - attempt to capture frames"
-      echo " "
-      echo "$package [options] application [arguments]"
-      echo " "
-      echo "options:"
-      echo "-h, --help                show brief help"
-      echo "-a, --action=ACTION       specify an action to use"
-      echo "-o, --output-dir=DIR      specify a directory to store output in"
-      exit 0
-      ;;
-    -a)
-      shift
-      if test $# -gt 0; then
-        export PROCESS=$1
-      else
-        echo "no process specified"
-        exit 1
-      fi
-      shift
-      ;;
-    --action*)
-      export PROCESS=`echo $1 | sed -e 's/^[^=]*=//g'`
-      shift
-      ;;
-    -o)
-      shift
-      if test $# -gt 0; then
-        export OUTPUT=$1
-      else
-        echo "no output dir specified"
-        exit 1
-      fi
-      shift
-      ;;
-    --output-dir*)
-      export OUTPUT=`echo $1 | sed -e 's/^[^=]*=//g'`
-      shift
-      ;;
-    *)
-      break
-      ;;
-  esac
-done