-rw-r--r--ChangeLog12
-rw-r--r--Makefile2
-rw-r--r--ikiwiki.setup216
-rw-r--r--ikiwiki.yaml426
-rwxr-xr-xkeyringer4
-rwxr-xr-xlib/keyringer/actions/genkeys11
-rwxr-xr-xlib/keyringer/actions/shell2
-rwxr-xr-xlib/keyringer/functions4
8 files changed, 451 insertions, 226 deletions
diff --git a/ChangeLog b/ChangeLog
index 6487c06..1142a1a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,14 @@
-2017-11-23 - 0.5.3 - Silvio Rhatto <rhatto@riseup.net>
+2019-01-29 - 0.5.4 - Silvio Rhatto <rhatto@riseup.net>
+
+ Use --no-encrypt-to GnuPG option to strictly respect the recipients file
+
+ Fixes BASEDIR evaluation at init action
+
+ Adds history support at shell action
+
+ Fix passphrase entry at genpairs when exporting secret keys
+
+2018-05-30 - 0.5.3 - Silvio Rhatto <rhatto@riseup.net>
Grégoire Jadi <gjadi@omecha.info>
Jérémie Courrèges-Anglas <jca@wxcvbn.org>
diff --git a/Makefile b/Makefile
index b1c347a..53dd921 100644
--- a/Makefile
+++ b/Makefile
@@ -85,7 +85,7 @@ debian:
gbp buildpackage --git-tag-only --git-sign-tags
web:
- @ikiwiki --setup ikiwiki.setup
+ @ikiwiki --setup ikiwiki.yaml
web_deploy:
@rsync -avz --delete www/ blog:/var/sites/keyringer/www/
diff --git a/ikiwiki.setup b/ikiwiki.setup
deleted file mode 100644
index f316524..0000000
--- a/ikiwiki.setup
+++ /dev/null
@@ -1,216 +0,0 @@
-#!/usr/bin/perl
-# Configuration file for ikiwiki.
-# Passing this to ikiwiki --setup will make ikiwiki generate wrappers and
-# build the wiki.
-#
-# Remember to re-run ikiwiki --setup any time you edit this file.
-
-use IkiWiki::Setup::Standard {
- wikiname => "Keyringer: encrypted and distributed secret sharing software",
- adminuser => ["keyringer", ],
- adminemail => 'rhatto@keyringer.pw',
-
- # Be sure to customise these..
- srcdir => ".",
- destdir => "www",
-
- url => "https://keyringer.pw",
- cgiurl => "https://keyringer.pw/ikiwiki.cgi",
- #templatedir => "/usr/share/ikiwiki/templates",
- #underlaydir => "/usr/share/ikiwiki/basewiki",
-
- # Subversion stuff.
- #rcs => "svn",
- #historyurl => "http://svn.example.org/trunk/[[file]]",
- #diffurl => "http://svn.example.org/trunk/[[file]]?root=wiki&amp;r1=[[r1]]&amp;r2=[[r2]]",
- #svnrepo => "/svn/wiki",
- #svnpath => "trunk",
-
- # Git stuff.
- rcs => "git",
- historyurl => "https://git.fluxo.info/keyringer/log/[[file]]",
- diffurl => 'https://git.fluxo.info/keyringer/commit/[[file]]?id=[[sha1_commit]]',
- #gitorigin_branch => "origin",
- #gitmaster_branch => "master",
- # See https://ikiwiki.info/tips/laptop_wiki_with_git/
- gitorigin_branch => '',
-
- # Tla stuff.
- #rcs => "tla"
- #historyurl => ??,
- #diffurl => ??,
-
- # Mercurial stuff.
- #rcs => "mercurial",
- #historyurl => "http://localhost:8000/log/tip/[[file]]", # hg serve'd local repository
- #diffurl => "http://localhost:8000/?fd=[[r2]];file=[[file]]",
-
- # Bazaar stuff.
- #rcs => "bzr",
- #historyurl => "",
- #diffurl => "http://example.com/revision?start_revid=[[r2]]#[[file]]-s", # using loggerhead
-
- # Monotone stuff
- #rcs => "monotone",
- #mtnkey => "web\@machine.company.com",
- #historyurl => "http://viewmtn.example.com/branch/head/filechanges/com.example.branch/[[file]]",
- #diffurl => "http://viewmtn.example.com/revision/diff/[[r1]]/with/[[r2]]/[[file]]",
- # Set if you want the wiki to sync on update and commit.
- #mtnsync => 0,
- # The path to your workspace (defaults to the srcdir itself)
- # e.g. use if your srcdir is a subdirectory of the workspace.
- #mtnrootdir => "path/to/root/of/workspace",
-
- wrappers => [
- #{
- # # The cgi wrapper.
- # cgi => 0,
- # wrapper => "/var/sites/rhatto/ikiwiki/ikiwiki.cgi",
- # wrappermode => "06550",
- # wrappergroup => "www-data",
- #},
- #{
- # # The svn post-commit wrapper.
- # # Note that this will overwrite any existing
- # # post-commit hook script, which may not be
- # # what you want.
- # wrapper => "/svn/wikirepo/hooks/post-commit",
- # wrappermode => "04755",
- # # Log to syslog since svn post-commit hooks
- # # hide output and errors.
- # syslog => 1,
- #},
- #{
- # # The git post-update wrapper.
- # # Note that this will overwrite any existing
- # # post-update hook script, which may not be
- # # what you want.
- # wrapper => "/var/git/repositories/rhatto.git/hooks/post-update",
- # wrappermode => "06550",
- # wrappergroup => "git",
- #},
- #{
- # # The monotone netsync hook.
- # wrapper => "path/to/root/of/workspace/_MTN/ikiwiki-netsync-hook",
- # wrappermode => "06755",
- #},
- ],
-
- # Default to generating rss feeds for pages with feeds?
- rss => 1,
- # Default to generating atom feeds for pages with feeds?
- #atom => 1,
- # Allow generating feeds even if not generated by default?
- #allowrss => 1,
- #allowatom => 1,
- # Urls to ping with XML-RPC when feeds are updated
- #pingurl => [qw{http://rpc.technorati.com/rpc/ping}],
- # Include discussion links on all pages?
- discussion => 0,
- # To exclude files matching a regexp from processing. This adds to
- # the default exclude list.
- #exclude => qr/\.wav$/,
- exclude => qr/www/,
- # To change the extension used for generated html files.
- #htmlext => 'htm',
- # Time format (for strftime)
- #timeformat => '%c',
- # Locale to use. Must be a UTF-8 locale.
- #locale => 'en_US.UTF-8',
- # Only send cookies over SSL connections.
- #sslcookie => 1,
- # Logging settings:
- #verbose => 1,
- syslog => 0,
- # To link to user pages in a subdirectory of the wiki.
- #userdir => "users",
- # To create output files named page.html rather than page/index.html.
- #usedirs => 0,
- # Simple spam prevention: require an account-creation password.
- #account_creation_password => "guesswhat",
- # Cost of generating a password using Authen::Passphrase::BlowfishCrypt
- #password_cost => 8,
- # Uncomment to force ikiwiki to run with a particular umask.
- umask => 002,
- # Default settings for the recentchanges page.
- #recentchangespage => "recentchanges",
- #recentchangesnum => 100,
- # Use new '!'-prefixed preprocessor directive syntax
- #prefix_directives => 0,
- # Attempt to make hardlinks to source files instead of copying them.
- # Useful if the wiki contains large media files.
- #hardlink => 1,
- # Enable use of multimarkdown features in .mdwn files.
- #multimarkdown => 1,
-
- # To add plugins, list them here.
- #add_plugins => [qw{goodstuff search wikitext camelcase
- # htmltidy fortune sidebar map rst anonok}],
- add_plugins => [qw{goodstuff sidebar}],
- # If you want to disable any of the default plugins, list them here.
- #disable_plugins => [qw{inline htmlscrubber passwordauth openid}],
- disable_plugins => [qw{openid editpage}],
- # To add a directory to the perl search path, use this.
- #libdir => "/home/me/.ikiwiki/",
-
- # To override environment variable settings, you can list values here.
- #ENV => {
- # TZ => "America/New_York",
- # PATH => "/home/me/bin:/usr/local/bin:/usr/bin:/bin",
- #},
-
- # For use with the tag plugin, make all tags be located under a
- # base page.
- #tagbase => "tag",
-
- # For use with the search plugin if the omega cgi is located
- # somewhere else.
- #omega_cgi => "/usr/lib/cgi-bin/omega/omega",
-
- # For use with the openid plugin, to give an url to a page users
- # can use to signup for an OpenID.
- #openidsignup => "http://myopenid.com/",
-
- # For use with the mirrorlist plugin, a list of mirrors.
- #mirrorlist => {
- # mirror1 => "http://hostname1",
- # mirror2 => "http://hostname2/mirror",
- #},
-
- # For use with the anonok plugin, a PageSpec specifying what
- # pages anonymous users can edit
- #anonok_pagespec => "*",
-
- # For use with the aggregate plugin, to allow aggregation to be
- # triggered via the web.
- #aggregate_webtrigger => 1,
-
- # For use with the pinger plugin, how many seconds to wait before
- # timing out.
- #pinger_timeout => 15.
-
- # For use with the amazon S3 plugin, your public access key id.
- #amazon_s3_key_id => 'XXXXXXXXXXXXXXXXXXXX',
- # And a file holding your secret key. This file *must* not be
- # readable by others!
- #amazon_s3_key_file => "/home/me/.hide/.s3_key
- # The globally unique name of the bucket to use to store the wiki.
- #amazon_s3_bucket => "mywiki",
- # A prefix to prepend to each page name.
- #amazon_s3_prefix => "wiki/",
- # Uncomment to use the S3 European datacenter.
- #amazon_s3_location => "EU",
- # Uncomment if you need to store each index file twice.
- #amazon_s3_dupindex => 1,
-
- # For use with the attachment plugin, a program that returns
- # nonzero if its standard input contains an virus.
- #virus_checker => "clamdscan -",
-
- # See https://ikiwiki.info/plugins/po/
- #po_master_language => 'en|English',
- #po_slave_languages => [ 'pt|Portuguese' ],
-
- # See http://ikiwiki.info/plugins/rsync/
- #rsync_command => 'rsync -qa --delete . keyringer:/var/sites/keyringer/www/',
-}
diff --git a/ikiwiki.yaml b/ikiwiki.yaml
new file mode 100644
index 0000000..3ee0fb8
--- /dev/null
+++ b/ikiwiki.yaml
@@ -0,0 +1,426 @@
+# IkiWiki::Setup::Yaml - YAML formatted setup file
+#
+# Setup file for ikiwiki.
+#
+# Passing this to ikiwiki --setup will make ikiwiki generate
+# wrappers and build the wiki.
+#
+# Remember to re-run ikiwiki --setup any time you edit this file.
+#
+# name of the wiki
+wikiname: 'Keyringer: encrypted and distributed secret sharing software'
+# contact email for wiki
+adminemail: rhatto@keyringer.pw
+# users who are wiki admins
+adminuser:
+- keyringer
+# users who are banned from the wiki
+banned_users: []
+# where the source of the wiki is located
+srcdir: .
+# where to build the wiki
+destdir: www
+# base url to the wiki
+url: https://keyringer.pw
+# url to the ikiwiki.cgi
+cgiurl: https://keyringer.pw/ikiwiki.cgi
+# do not adjust cgiurl if CGI is accessed via different URL
+reverse_proxy: 0
+# filename of cgi wrapper to generate
+cgi_wrapper: ''
+# mode for cgi_wrapper (can safely be made suid)
+cgi_wrappermode: 06755
+# number of seconds to delay CGI requests when overloaded
+cgi_overload_delay: ''
+# message to display when overloaded (may contain html)
+cgi_overload_message: ''
+# enable optimization of only refreshing committed changes?
+only_committed_changes: 0
+# rcs backend to use
+rcs: git
+# plugins to add to the default configuration
+add_plugins:
+- goodstuff
+- sidebar
+# plugins to disable
+disable_plugins:
+- openid
+- editpage
+# additional directory to search for template files
+templatedir: /usr/share/ikiwiki/templates
+# base wiki source location
+underlaydir: /usr/share/ikiwiki/basewiki
+# display verbose messages?
+#verbose: 1
+# log to syslog?
+#syslog: 1
+# create output files named page/index.html?
+usedirs: 1
+# use '!'-prefixed preprocessor directives?
+prefix_directives: 1
+# use page/index.mdwn source files
+indexpages: 0
+# enable Discussion pages?
+discussion: 0
+# name of Discussion pages
+discussionpage: Discussion
+# use elements new in HTML5 like <section>?
+html5: 0
+# only send cookies over SSL connections?
+sslcookie: 0
+# extension to use for new pages
+default_pageext: mdwn
+# extension to use for html files
+htmlext: html
+# strftime format string to display date
+timeformat: '%c'
+# UTF-8 locale to use
+#locale: en_US.UTF-8
+# put user pages below specified page
+userdir: ''
+# how many backlinks to show before hiding excess (0 to show all)
+numbacklinks: 10
+# attempt to hardlink source files? (optimisation for large files)
+hardlink: 0
+# force ikiwiki to use a particular umask (keywords public, group or private, or a number)
+umask: 2
+# group for wrappers to run in
+#wrappergroup: ikiwiki
+# extra library and plugin directories
+libdirs: []
+# extra library and plugin directory (searched after libdirs)
+libdir: ''
+# environment variables
+ENV: {}
+# time zone name
+timezone: :/etc/localtime
+# regexp of normally excluded files to include
+#include: ^\.htaccess$
+# regexp of files that should be skipped
+exclude: (?^:www)
+# specifies the characters that are allowed in source filenames
+wiki_file_chars: -[:alnum:]+/.:_
+# allow symlinks in the path leading to the srcdir (potentially insecure)
+allow_symlinks_before_srcdir: 0
+# cookie control
+cookiejar:
+ file: /home/rhatto/.ikiwiki/cookies
+# set custom user agent string for outbound HTTP requests e.g. when fetching aggregated RSS feeds
+useragent: ikiwiki/3.20170111
+# theme has a responsive layout? (mobile-optimized)
+responsive_layout: 1
+# try harder to produce deterministic output
+deterministic: 0
+
+######################################################################
+# core plugins
+# (editpage, git, htmlscrubber, inline, link, meta, parentlinks,
+# templatebody)
+######################################################################
+
+# git plugin
+# git hook to generate
+#git_wrapper: /git/wiki.git/hooks/post-update
+# shell command for git_wrapper to run, in the background
+#git_wrapper_background_command: git push github
+# mode for git_wrapper (can safely be made suid)
+#git_wrappermode: 06755
+# git pre-receive hook to generate
+#git_test_receive_wrapper: /git/wiki.git/hooks/pre-receive
+# unix users whose commits should be checked by the pre-receive hook
+#untrusted_committers: []
+# gitweb url to show file history ([[file]] substituted)
+historyurl: https://git.fluxo.info/keyringer/log/[[file]]
+# gitweb url to show a diff ([[file]], [[sha1_to]], [[sha1_from]], [[sha1_commit]], and [[sha1_parent]] substituted)
+diffurl: https://git.fluxo.info/keyringer/commit/[[file]]?id=[[sha1_commit]]
+# where to pull and push changes (set to empty string to disable)
+gitorigin_branch: ''
+# branch that the wiki is stored in
+gitmaster_branch: master
+
+# htmlscrubber plugin
+# PageSpec specifying pages not to scrub
+#htmlscrubber_skip: '!*/Discussion'
+
+# inline plugin
+# enable rss feeds by default?
+rss: 1
+# enable atom feeds by default?
+#atom: 0
+# allow rss feeds to be used?
+#allowrss: 0
+# allow atom feeds to be used?
+#allowatom: 0
+# urls to ping (using XML-RPC) on feed update
+pingurl: []
+
+######################################################################
+# auth plugins
+# (anonok, blogspam, emailauth, httpauth, lockedit, moderatedcomments,
+# opendiscussion, openid, passwordauth, signinedit)
+######################################################################
+
+# anonok plugin
+# PageSpec to limit which pages anonymous users can edit
+#anonok_pagespec: '*/discussion'
+
+# blogspam plugin
+# PageSpec of pages to check for spam
+#blogspam_pagespec: postcomment(*)
+# options to send to blogspam server
+#blogspam_options: blacklist=1.2.3.4,blacklist=8.7.6.5,max-links=10
+# blogspam server JSON url
+#blogspam_server: ''
+
+# emailauth plugin
+# email address to send emailauth mails as (default: adminemail)
+#emailauth_sender: ''
+
+# httpauth plugin
+# url to redirect to when authentication is needed
+#cgiauthurl: http://example.com/wiki/auth/ikiwiki.cgi
+# PageSpec of pages where only httpauth will be used for authentication
+#httpauth_pagespec: '!*/Discussion'
+
+# lockedit plugin
+# PageSpec controlling which pages are locked
+#locked_pages: '!*/Discussion'
+
+# moderatedcomments plugin
+# PageSpec matching users or comment locations to moderate
+#moderate_pagespec: '*'
+
+# openid plugin
+# url pattern of openid realm (default is cgiurl)
+#openid_realm: ''
+# url to ikiwiki cgi to use for openid authentication (default is cgiurl)
+#openid_cgiurl: ''
+
+# passwordauth plugin
+# a password that must be entered when signing up for an account
+#account_creation_password: s3cr1t
+# cost of generating a password using Authen::Passphrase::BlowfishCrypt
+#password_cost: 8
+
+######################################################################
+# format plugins
+# (creole, highlight, hnb, html, mdwn, otl, po, rawhtml, rst, textile,
+# txt)
+######################################################################
+
+# highlight plugin
+# types of source files to syntax highlight
+#tohighlight: .c .h .cpp .pl .py Makefile:make
+# location of highlight's filetypes.conf
+#filetypes_conf: /etc/highlight/filetypes.conf
+# location of highlight's langDefs directory
+#langdefdir: /usr/share/highlight/langDefs
+
+# mdwn plugin
+# enable multimarkdown features?
+#multimarkdown: 0
+# disable use of markdown discount?
+#nodiscount: 0
+
+# po plugin
+# master language (non-PO files)
+#po_master_language: en|English
+# slave languages (translated via PO files) format: ll|Langname
+#po_slave_languages:
+#- fr|Français
+#- es|Español
+#- de|Deutsch
+# PageSpec controlling which pages are translatable
+#po_translatable_pages: '* and !*/Discussion'
+# internal linking behavior (default/current/negotiated)
+#po_link_to: current
+
+######################################################################
+# special-purpose plugins
+# (osm, underlay)
+######################################################################
+
+# osm plugin
+# the default zoom when you click on the map link
+#osm_default_zoom: 15
+# the icon shown on links and on the main map
+#osm_default_icon: ikiwiki/images/osm.png
+# the alt tag of links, defaults to empty
+#osm_alt: ''
+# the output format for waypoints, can be KML, GeoJSON or CSV (one or many, comma-separated)
+#osm_format: KML
+# the icon attached to a tag, displayed on the map for tagged pages
+#osm_tag_default_icon: icon.png
+# Url for the OpenLayers.js file
+#osm_openlayers_url: http://www.openlayers.org/api/OpenLayers.js
+# Layers to use in the map. Can be either the 'OSM' string or a type option for Google maps (GoogleNormal, GoogleSatellite, GoogleHybrid or GooglePhysical). It can also be an arbitrary URL in a syntax acceptable for OpenLayers.Layer.OSM.url parameter.
+#osm_layers:
+# OSM: GoogleSatellite
+# Google maps API key, Google layer not used if missing, see https://code.google.com/apis/console/ to get an API key
+#osm_google_apikey: ''
+
+# underlay plugin
+# extra underlay directories to add
+#add_underlays:
+#- /home/rhatto/wiki.underlay
+
+######################################################################
+# web plugins
+# (404, attachment, comments, editdiff, edittemplate, getsource, google,
+# goto, mirrorlist, remove, rename, repolist, search, theme, userlist,
+# websetup, wmd)
+######################################################################
+
+# attachment plugin
+# enhanced PageSpec specifying what attachments are allowed
+#allowed_attachments: virusfree() and mimetype(image/*) and maxsize(50kb)
+# virus checker program (reads STDIN, returns nonzero if virus found)
+#virus_checker: clamdscan -
+
+# comments plugin
+# PageSpec of pages where comments are allowed
+#comments_pagespec: blog/* and !*/Discussion
+# PageSpec of pages where posting new comments is not allowed
+#comments_closed_pagespec: blog/controversial or blog/flamewar
+# Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12"
+#comments_pagename: ''
+# Interpret directives in comments?
+#comments_allowdirectives: 0
+# Allow anonymous commenters to set an author name?
+#comments_allowauthor: 0
+# commit comments to the VCS
+#comments_commit: 1
+# Restrict formats for comments to (no restriction if empty)
+#comments_allowformats: mdwn txt
+
+# getsource plugin
+# Mime type for returned source.
+#getsource_mimetype: text/plain; charset=utf-8
+
+# mirrorlist plugin
+# list of mirrors
+#mirrorlist: {}
+# generate links that point to the mirrors' ikiwiki CGI
+#mirrorlist_use_cgi: 1
+
+# repolist plugin
+# URIs of repositories containing the wiki's source
+#repositories:
+#- svn://svn.example.org/wiki/trunk
+
+# search plugin
+# path to the omega cgi program
+#omega_cgi: /usr/lib/cgi-bin/omega/omega
+# use google site search rather than internal xapian index?
+#google_search: 1
+
+# theme plugin
+# name of theme to enable
+#theme: actiontabs
+
+# websetup plugin
+# list of plugins that cannot be enabled/disabled via the web interface
+#websetup_force_plugins: []
+# list of additional setup field keys to treat as unsafe
+#websetup_unsafe: []
+# show unsafe settings, read-only, in web interface?
+#websetup_show_unsafe: 1
+
+######################################################################
+# widget plugins
+# (calendar, color, conditional, cutpaste, date, format, fortune,
+# graphviz, haiku, headinganchors, img, linkmap, listdirectives, map,
+# more, orphans, pagecount, pagestats, poll, polygen, postsparkline,
+# progress, shortcut, sparkline, table, template, teximg, toc, toggle,
+# version)
+######################################################################
+
+# calendar plugin
+# base of the archives hierarchy
+#archivebase: archives
+# PageSpec of pages to include in the archives, if option `calendar_autocreate` is true.
+#archive_pagespec: page(posts/*) and !*/Discussion
+# autocreate new calendar pages?
+#calendar_autocreate: 1
+# if set, when building calendar pages, also build pages of year and month when no pages were published (building empty calendars).
+#calendar_fill_gaps: 1
+
+# img plugin
+# Image formats to process (jpeg, png, gif, svg, pdf or 'everything' to accept all)
+#img_allowed_formats: ''
+
+# listdirectives plugin
+# directory in srcdir that contains directive descriptions
+#directive_description_dir: ikiwiki/directive
+
+# teximg plugin
+# Should teximg use dvipng to render, or dvips and convert?
+#teximg_dvipng: ''
+# LaTeX prefix for teximg plugin
+#teximg_prefix: |
+# \documentclass{article}
+# \usepackage[utf8]{inputenc}
+# \usepackage{amsmath}
+# \usepackage{amsfonts}
+# \usepackage{amssymb}
+# \pagestyle{empty}
+# \begin{document}
+# LaTeX postfix for teximg plugin
+#teximg_postfix: \end{document}
+
+######################################################################
+# other plugins
+# (aggregate, autoindex, brokenlinks, camelcase, ddate, embed, favicon,
+# filecheck, flattr, goodstuff, htmlbalance, localstyle, loginselector,
+# notifyemail, pagetemplate, pingee, pinger, prettydate, recentchanges,
+# recentchangesdiff, relativedate, rsync, sidebar, smiley,
+# sortnaturally, tag, testpagespec, trail, transient)
+######################################################################
+
+# aggregate plugin
+# enable aggregation to internal pages?
+#aggregateinternal: 1
+# allow aggregation to be triggered via the web?
+#aggregate_webtrigger: 0
+
+# autoindex plugin
+# commit autocreated index pages
+#autoindex_commit: 1
+
+# camelcase plugin
+# list of words to not turn into links
+#camelcase_ignore: []
+
+# flattr plugin
+# userid or user name to use by default for Flattr buttons
+#flattr_userid: joeyh
+
+# pinger plugin
+# how many seconds to try pinging before timing out
+#pinger_timeout: 15
+
+# prettydate plugin
+# format to use to display date
+#prettydateformat: '%X, %B %o, %Y'
+
+# recentchanges plugin
+# name of the recentchanges page
+recentchangespage: recentchanges
+# number of changes to track
+recentchangesnum: 100
+
+# rsync plugin
+# command to run to sync updated pages
+#rsync_command: rsync -qa --delete . user@host:/path/to/docroot/
+
+# sidebar plugin
+# show sidebar page on all pages?
+#global_sidebars: 1
+
+# tag plugin
+# parent page tags are located under
+#tagbase: tag
+# autocreate new tag pages?
+#tag_autocreate: 1
+# commit autocreated tag pages
+tag_autocreate_commit: 1
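Review bot: `sslcookie: 0` lets session cookies travel over plain HTTP even though `url` and `cgiurl` are both https; with `cgi_wrapper: ''` no CGI appears to be generated, so the effect is probably nil today, but `sslcookie: 1` would be the safer value to commit. The file also carries values that look specific to one machine, `cookiejar:` / `file: /home/rhatto/.ikiwiki/cookies` and `useragent: ikiwiki/3.20170111`, which tie the repository to a local account and publish a tool version; removing them should let ikiwiki fall back to its defaults. `exclude: (?^:www)` is unanchored, so it skips any source path containing `www` and not only the `www/` build directory, as the old `qr/www/` also did.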
diff --git a/keyringer b/keyringer
index 41b34ff..c419d35 100755
--- a/keyringer
+++ b/keyringer
@@ -93,7 +93,7 @@ function keyringer_init {
fi
# Reparse basedir to force absolute folder
- BASEDIR="`cd $BASEDIR && pwd`"
+ BASEDIR="`cd $BASEDIR &> /dev/null && pwd`"
# Add entry
chmod 700 "$BASEDIR"
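Review bot: Redirecting both streams of `cd` with `&> /dev/null` means a failed `cd` now leaves `BASEDIR` empty without any message, and the `chmod 700 "$BASEDIR"` that follows then runs on an empty path. `$BASEDIR` is also unquoted inside the backticks, so a path containing spaces is split. Consider `BASEDIR="$(cd "$BASEDIR" > /dev/null && pwd)"` followed by `[ -n "$BASEDIR" ] || exit 1` (or the script's usual error path), which keeps stderr visible and stops before the chmod. keyringer_init starts and continues outside this hunk.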
@@ -140,7 +140,7 @@ function keyringer_dispatch {
# Config
NAME="keyringer"
-KEYRINGER_VERSION="0.5.3"
+KEYRINGER_VERSION="0.5.4"
CONFIG_VERSION="0.1"
CONFIG_BASE="$HOME/.$NAME"
CONFIG="$CONFIG_BASE/config"
diff --git a/lib/keyringer/actions/genkeys b/lib/keyringer/actions/genkeys
index deacbfd..addd10d 100755
--- a/lib/keyringer/actions/genkeys
+++ b/lib/keyringer/actions/genkeys
@@ -52,7 +52,7 @@ function genkeys_gpg {
passphrase="`keyringer_exec decrypt "$BASEDIR" "$FILE.passwd"`"
# TODO: insert random bytes
- # TODO: custom Name-Comment and Name-Email
+ # TODO: custom Name-Email
$GPG --homedir "$TMPWORK" --gen-key --batch <<EOF
Key-Type: RSA
Key-Length: 4096
@@ -66,8 +66,11 @@ function genkeys_gpg {
EOF
# Encrypt the result
+ # See https://superuser.com/questions/1135812/gpg2-asking-for-passphrase-when-importing-secret-keys#1135950
+ # https://stackoverflow.com/questions/49072403/suppress-the-passphrase-prompt-in-gpg-command
+ # https://dev.gnupg.org/T2313
echo "Encrypting secret key into keyringer..."
- $GPG --armor --homedir "$TMPWORK" --export-secret-keys | keyringer_exec encrypt "$BASEDIR" "$FILE"
+ echo -e "${passphrase}\n" | $GPG --armor --homedir "$TMPWORK" --passphrase-fd 0 --batch --no-tty --pinentry-mode=loopback --export-secret-keys | keyringer_exec encrypt "$BASEDIR" "$FILE"
echo "Encrypting public key into keyringer..."
$GPG --armor --homedir "$TMPWORK" --export | keyringer_exec encrypt "$BASEDIR" "$FILE.pub"
#echo "Encrypting passphrase into keyringer..."
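Review bot: `echo -e "${passphrase}\n"` expands backslash sequences inside the passphrase itself, so a passphrase containing `\n`, `\t` or `\\` reaches `--passphrase-fd 0` altered and the secret-key export would then fail; `printf '%s\n' "$passphrase" | $GPG …` passes it through unchanged. The same construct is used for the `$OUTFILE` copy in the next hunk. Assuming the script runs under bash, `echo` and `printf` are both builtins, so the passphrase stays out of the process list either way. The visible lines do not check the pipeline status, so a failed export still hands empty input to `keyringer_exec encrypt`.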
@@ -76,8 +79,8 @@ EOF
if [ ! -z "$OUTFILE" ]; then
mkdir -p `dirname $OUTFILE`
printf "Saving copies at %s and %s.pub\n" "$OUTFILE" "$OUTFILE"
- $GPG --armor --homedir "$TMPWORK" --export-secret-keys > "$OUTFILE"
- $GPG --armor --homedir "$TMPWORK" --export > "$OUTFILE.pub"
+ echo -e "${passphrase}\n" | $GPG --armor --homedir "$TMPWORK" --passphrase-fd 0 --batch --no-tty --pinentry-mode=loopback --export-secret-keys > "$OUTFILE"
+ $GPG --armor --homedir "$TMPWORK" --export > "$OUTFILE.pub"
fi
echo "Done"
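Review bot: The secret-key copy on the `--export-secret-keys > "$OUTFILE"` line is created by a plain redirection, so its mode depends on whatever umask is in effect, which this hunk does not set; running the export under `umask 077` (for example in a subshell) would keep the file private from the moment it is created. The context line `mkdir -p `dirname $OUTFILE`` is unquoted and breaks on paths with spaces; `mkdir -p "$(dirname "$OUTFILE")"` avoids that. The enclosing function begins outside the hunk.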
diff --git a/lib/keyringer/actions/shell b/lib/keyringer/actions/shell
index 3b98d68..d87a638 100755
--- a/lib/keyringer/actions/shell
+++ b/lib/keyringer/actions/shell
@@ -15,6 +15,8 @@ keyringer_usage $KEYRING
# While a "quit" command isn't entered, read STDIN
while read -rep "keyringer:/${KEYRING}${SHELLPATH}> " STDIN; do
+ history -s "$STDIN"
+
if [ "$STDIN" == "quit" ] || [ "$STDIN" == "exit" ] || [ "$STDIN" == "bye" ]; then
break
elif [ "$STDIN" == "shell" ]; then
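Review bot: `history -s "$STDIN"` runs before any check, so empty lines and the `quit`/`exit`/`bye` commands are stored as well; `[ -n "$STDIN" ] && history -s "$STDIN"` would skip the blanks. As far as this hunk shows, the history list lives only in memory, and if that is the intent a short comment such as `# in-memory only; not written to a history file` would discourage someone from later persisting lines that name secrets. The loop body continues outside the hunk.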
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index d529daf..308d0ea 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -314,9 +314,9 @@ function keyringer_set_env {
fi
if [ ! -z "$KEYID" ]; then
- GPG="gpg --quiet -u $KEYID"
+ GPG="gpg --quiet --no-encrypt-to -u $KEYID"
else
- GPG="gpg --quiet"
+ GPG="gpg --quiet --no-encrypt-to"
fi
# Check keyring config version
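Review bot: The reason for `--no-encrypt-to` is recorded only in the ChangeLog, so a comment above the assignment would help, e.g. `# --no-encrypt-to: ignore encrypt-to/hidden-encrypt-to from gpg.conf so only the recipients file decides who can decrypt`. The flag is now repeated in both branches; building the base once with `GPG="gpg --quiet --no-encrypt-to"` and then `[ -n "$KEYID" ] && GPG="$GPG -u $KEYID"` keeps the two cases from drifting apart. Key groups defined in gpg.conf may still expand recipient names, so it is worth confirming whether `--no-groups` is also wanted. keyringer_set_env starts and continues outside this hunk.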