-
Notifications
You must be signed in to change notification settings - Fork 0
/
codex
executable file
·84 lines (73 loc) · 2.19 KB
/
codex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#! /usr/bin/env ruby -w
#
# Codex is a hacky little way to maintain an archived semi-secure directory.
# Once you have your environment set up, just run 'codex' and you'll be popped
# into your directory in your favorite editor. As soon as the editor closes, all
# changes are committed to git and the whole directory is encrypted.
#
# This doesn't bother with things like securing memory or ensuring removal of
# files.
#
# Environment variables to consider:
#
# * CODEX_RECIPIENT - who the codex is encrypted 'to' with gpg
# * CODEX_LOCATION - a fixed directory where your archives will be stored.
# * CODEX_EDITOR - probably 'vi'
# * CODEX_FILE - file to start editing by default, passed as an argument to
# the editor.
# * CODEX_POSTPROCESS - a separate script that will be exec'd when this ends.
#
# -- bpo (2010)
#
class Codex
RECIPIENT = ENV['CODEX_RECIPIENT']
BASE = ENV['CODEX_LOCATION']
EDITOR = ENV['CODEX_EDITOR']
FILE = ENV['CODEX_FILE']
POST = ENV['CODEX_POSTPROCESS']
def log( something )
puts something if $verbose
end
def x(something)
log something
raise "failed to execute: #{something}" unless system(something)
end
def pushd( dir )
log "pushd #{dir}"
Dir.chdir( dir ) do
yield
log "popd"
end
end
def initialize
@recipient = RECIPIENT
@location = BASE
end
def run
stamp = Time.now.to_i
pushd( @location ) do
tarball = "codex_#{stamp}.tar.bz2"
x "gpg -o #{tarball} --decrypt codex.gpg"
x "mv codex.gpg backups/codex.#{stamp}.gpg"
x "tar -xjf #{tarball}"
x "rm #{tarball}"
pushd( "codex" ) do
x "#{EDITOR} #{FILE}"
x "git add -A"
# rescue all failures here - nastiness will go to stderr, but we want to
# bypass the return code of 1 that happens when there's nothing new to
# add/commit.
x "git ci -a -m 'Updating codex at #{Time.now.to_s}'" rescue true
end
x "tar -cjf #{tarball} codex"
x "rm -fR codex"
x "gpg -o codex.gpg -r #{@recipient} --encrypt #{tarball}"
x "rm #{tarball}"
end
end
end
$verbose = true
if( $0 == __FILE__ )
Codex.new.run
end
exec Codex::POST