From f284623dc005b531f36b337553b771e57a247752 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Thu, 18 Jun 2015 16:33:30 -0300
Subject: Rename README (2)

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 07513f2..2303f98 100644
--- a/Makefile
+++ b/Makefile
@@ -34,7 +34,7 @@ install_bin:
 $(INSTALL) -D --mode=0755 keyringer $(DESTDIR)/$(PREFIX)/bin/keyringer
 
 install_doc:
- $(INSTALL) -D --mode=0644 index.mdwn $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/README
+ $(INSTALL) -D --mode=0644 index.mdwn $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/README.md
 $(INSTALL) -D --mode=0644 LICENSE $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/LICENSE
 
 install_man:
-- 
cgit v1.2.3

From 9d14500cfa3388685500e274c016f5dc38bbc10d Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Sat, 20 Jun 2015 10:13:45 -0300
Subject: Support for static site generation

---
 .gitignore | 1 +
 Makefile | 6 ++++++
 2 files changed, 7 insertions(+)

(limited to 'Makefile')

diff --git a/.gitignore b/.gitignore
index 55c4e77..b0a1293 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,4 +4,5 @@ debian/files
 debian/files
 debian/keyringer.substvars
 tarballs
+www
 .pc
diff --git a/Makefile b/Makefile
index 2303f98..9183f2f 100644
--- a/Makefile
+++ b/Makefile
@@ -81,3 +81,9 @@ debian:
 dch -e
 git commit -a -m "Updating debian/changelog"
 git-buildpackage --git-tag-only --git-sign-tags
+
+wiki:
+ @ikiwiki --setup ikiwiki.setup
+
+wiki_deploy:
+ @rsync -avz --delete keyringer/ blog:/var/sites/keyringer/www/
-- 
cgit v1.2.3

From 10314ed834e75abfff1e0d8b6525b2416865be60 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Sat, 20 Jun 2015 10:15:58 -0300
Subject: Fix wiki_deploy

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 9183f2f..479c398 100644
--- a/Makefile
+++ b/Makefile
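Review bot: The `wiki_deploy` recipe added at the end of the second commit's Makefile hunk hides its `rsync -avz --delete` call behind an `@` prefix, so the one command that can delete files on the remote host is never echoed to whoever runs the deploy. Dropping the `@` on that line keeps the source and destination paths visible in the terminal and in any captured log. Neither `wiki` nor `wiki_deploy` is declared phony in the visible lines; unless the rest of the Makefile already does so, add `.PHONY: wiki wiki_deploy` so that a file or directory with one of those names cannot turn the target into a silent no-op. Both points carry over to the renamed `web` and `web_deploy` targets and to `publish` in the later commits.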
@@ -86,4 +86,4 @@ wiki:
 @ikiwiki --setup ikiwiki.setup
 
 wiki_deploy:
- @rsync -avz --delete keyringer/ blog:/var/sites/keyringer/www/
+ @rsync -avz --delete www/ blog:/var/sites/keyringer/www/
-- 
cgit v1.2.3

From f6584c42cf17028d186bb939a0609167ae178d2a Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Mon, 13 Jul 2015 11:25:05 -0300
Subject: Updates Makefile

---
 Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 479c398..6f13c8b 100644
--- a/Makefile
+++ b/Makefile
@@ -82,8 +82,8 @@ debian:
 git commit -a -m "Updating debian/changelog"
 git-buildpackage --git-tag-only --git-sign-tags
 
-wiki:
+web:
 @ikiwiki --setup ikiwiki.setup
 
-wiki_deploy:
+web_deploy:
 @rsync -avz --delete www/ blog:/var/sites/keyringer/www/
-- 
cgit v1.2.3

From 8c41dc261fabb133cb8d67530f6364adce4fef58 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Sat, 2 Jul 2016 15:29:37 -0300
Subject: Makefile: publish target

---
 Makefile | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 6f13c8b..73be8f5 100644
--- a/Makefile
+++ b/Makefile
@@ -87,3 +87,5 @@ web:
 
 web_deploy:
 @rsync -avz --delete www/ blog:/var/sites/keyringer/www/
+
+publish: web web_deploy
-- 
cgit v1.2.3

From dc4c62e5bffc41a3a128440341078de9075bd856 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Wed, 9 Nov 2016 10:22:20 -0200
Subject: Keyringer 0.4.0

---
 ChangeLog | 16 +++++++++++++++
 Makefile | 3 ++-
 development.mdwn | 12 ++++++------
 keyringer | 2 +-
 share/man/keyringer.1 | 54 ++++++++++++++++++++++++---------------------------
 5 files changed, 50 insertions(+), 37 deletions(-)

(limited to 'Makefile')

diff --git a/ChangeLog b/ChangeLog
index 2462e45..5bd3530 100644
--- a/ChangeLog
+++ b/ChangeLog
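Review bot: `publish: web web_deploy` in the last Makefile hunk relies on the order of its prerequisites to build the site before uploading it, but nothing tells make that `web_deploy` needs `web`. Under `make -j` the two recipes can run at the same time, and `rsync --delete` may then mirror a half-written `www/` tree and remove pages from the server. Declare the dependency on the deploy target itself, `web_deploy: web`, and reduce the alias to `publish: web_deploy`; a direct `make web_deploy` then rebuilds first, and a failed ikiwiki run stops make before the upload. If the Makefile keeps a phony list outside this hunk, `publish` belongs in it as well.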
@@ -1,3 +1,19 @@ +2016-11-09 - 0.4.0 - Silvio Rhatto + + Adopts Semantic Versioning + + Do not rely on git-flow + + Adds sclip action + + Ensure destination path exists at mv action + + Allow @ at file names + + Slightly more interactive keyringer_get_file + + Updates URLs and static site generation. + 2015-03-30 - 0.3.8 - Silvio Rhatto Eliminates hardcoded bash path, reported and fixed by diff --git a/Makefile b/Makefile index 73be8f5..b503b68 100644 --- a/Makefile +++ b/Makefile @@ -64,8 +64,9 @@ release: # https://github.com/nvie/gitflow/pull/160 # https://github.com/nvie/gitflow/issues/50 #git flow release finish -s -m "Keyringer $(VERSION)" $(VERSION) - git flow release finish -s $(VERSION) + #git flow release finish -s $(VERSION) git checkout master + git merge develop @make tarball gpg --use-agent --armor --detach-sign --output $(ARCHIVE)/keyringer-$(VERSION).tar.bz2.asc $(ARCHIVE)/keyringer-$(VERSION).tar.bz2 scp $(ARCHIVE)/keyringer-$(VERSION).tar.bz2* keyringer:/var/sites/keyringer/releases/ diff --git a/development.mdwn b/development.mdwn index 1788ba1..49a224c 100644 --- a/development.mdwn +++ b/development.mdwn @@ -8,20 +8,16 @@ Index Coding standards ---------------- +* Uses Semantic Versioning. * Respect the existing coding style. * Be clear: easy audability must be one of keyringer's requirements. -Development workflow --------------------- - -We use [git-flow](https://github.com/nvie/gitflow) for the development workflow. - Release workflow ---------------- Go to develop branch and start a new release - git flow release start VERSION + git checkout develop Prepare the source code: @@ -33,6 +29,10 @@ Create and upload a new release: make release +Tag the release: + + git tag -s $(VERSION) -m "Keyringer $(VERSION)" + Update the debian branch: make debian diff --git a/keyringer b/keyringer index 956bb73..a5ecd67 100755 --- a/keyringer +++ b/keyringer 
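Review bot: With `git flow release finish -s $(VERSION)` commented out in the Makefile hunk, the `release` recipe no longer creates the signed tag, yet the unchanged lines below it still build, sign and upload `keyringer-$(VERSION).tar.bz2`. Tagging is now a manual step that development.mdwn places after `make release`, so a signed tarball can be published while no signed tag names the commit it was built from; how the `tarball` target selects its tree is not visible here. Consider tagging inside the recipe right after the merge, `git tag -s $(VERSION) -m "Keyringer $(VERSION)"`, so the tag and the detached signature always cover the same commit. If master is only ever advanced from develop, `git merge --ff-only develop` would also make the release stop when master has diverged instead of producing an unplanned merge commit. The `release:` rule starts above the hunk and may continue below it.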
@@ -140,7 +140,7 @@ function keyringer_dispatch { # Config NAME="keyringer" -KEYRINGER_VERSION="0.3.8" +KEYRINGER_VERSION="0.4.0" CONFIG_VERSION="0.1" CONFIG_BASE="$HOME/.$NAME" CONFIG="$CONFIG_BASE/config" diff --git a/share/man/keyringer.1 b/share/man/keyringer.1 index 13de085..39669b6 100644 --- a/share/man/keyringer.1 +++ b/share/man/keyringer.1 @@ -1,7 +1,7 @@ -.TH KEYRINGER 1 "Oct 25, 2013" "Keyringer User Manual" +.TH "KEYRINGER" "1" "Oct 25, 2013" "Keyringer User Manual" "" .SH NAME .PP -keyringer - encrypted and distributed secret sharing software +keyringer \- encrypted and distributed secret sharing software .SH SYNOPSIS .PP keyringer <\f[I]keyring\f[]> <\f[I]action\f[]> [\f[I]options\f[]]... @@ -10,8 +10,8 @@ keyringer <\f[I]keyring\f[]> <\f[I]action\f[]> [\f[I]options\f[]]... Keyringer lets you manage and share secrets using GnuPG and Git in a distributed fashion. .PP -It has custom commands to create key-pairs and to encrypt, decrypt and -re-encrypt secrets. +It has custom commands to create key\-pairs and to encrypt, decrypt and +re\-encrypt secrets. It also supports encryption to multiple recipients and groups of recipients, to allow a workgroup to share access to a single repository while restricting some secrets to subsets of the group. @@ -87,14 +87,14 @@ Remove an empty folder inside the repository \f[I]keys\f[] folder. .TP .B tree <\f[I]path\f[]> List contents from the toplevel repository \f[I]keys\f[] folder or from -relative paths if \f[I]path\f[] is specified using a tree-like format. +relative paths if \f[I]path\f[] is specified using a tree\-like format. Like the ls wrapper, this is a wrapper around the \f[I]TREE(1)\f[] command. .RS .RE .TP .B shell -Run keyringer on interactive mode from a built-in command-line prompt +Run keyringer on interactive mode from a built\-in command\-line prompt where all other actions can be called and are operated from the current selected keyring. .RS 
@@ -138,7 +138,7 @@ read from the standard input and encrypting again. .RS .RE .TP -.B append-batch <\f[I]secret\f[]> +.B append\-batch <\f[I]secret\f[]> Append contents into a secret, batch mode. .RS .RE @@ -177,11 +177,11 @@ Rename a secret. .B edit <\f[I]secret\f[]> Edit a secret by temporarily decrypting it, opening the decrypted copy into the text editor defined by the \f[I]$EDITOR\f[] environment -variable and then re-encrypting it. +variable and then re\-encrypting it. .RS .PP Please make sure to use an -\f[I]\f[I]E\f[]\f[I]D\f[]\f[I]I\f[]\f[I]T\f[]\f[I]O\f[]\f[I]R\f[] * \f[I]w\f[]\f[I]h\f[]\f[I]i\f[]\f[I]c\f[]\f[I]h\f[]\f[I]d\f[]\f[I]o\f[]\f[I]e\f[]\f[I]s\f[]\f[I]n\f[]\f[I]o\f[]\f[I]t\f[]\f[I]l\f[]\f[I]e\f[]\f[I]a\f[]\f[I]k\f[]\f[I]d\f[]\f[I]a\f[]\f[I]t\f[]\f[I]a\f[]\f[I]l\f[]\f[I]i\f[]\f[I]k\f[]\f[I]e\f[]\f[I]h\f[]\f[I]i\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]r\f[]\f[I]y\f[]\f[I]b\f[]\f[I]u\f[]\f[I]f\f[]\f[I]f\f[]\f[I]e\f[]\f[I]r\f[]\f[I]s\f[]. \f[I]K\f[]\f[I]e\f[]\f[I]y\f[]\f[I]r\f[]\f[I]i\f[]\f[I]n\f[]\f[I]g\f[]\f[I]e\f[]\f[I]r\f[]\f[I]t\f[]\f[I]r\f[]\f[I]i\f[]\f[I]e\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]d\f[]\f[I]e\f[]\f[I]t\f[]\f[I]e\f[]\f[I]c\f[]\f[I]t\f[]\f[I]i\f[]\f[I]f\f[] * EDITOR\f[] +\f[I]\f[I]E\f[]\f[I]D\f[]\f[I]I\f[]\f[I]T\f[]\f[I]O\f[]\f[I]R\f[] * \f[I]w\f[]\f[I]h\f[]\f[I]i\f[]\f[I]c\f[]\f[I]h\f[]\f[I]d\f[]\f[I]o\f[]\f[I]e\f[]\f[I]s\f[]\f[I]n\f[]\f[I]o\f[]\f[I]t\f[]\f[I]l\f[]\f[I]e\f[]\f[I]a\f[]\f[I]k\f[]\f[I]d\f[]\f[I]a\f[]\f[I]t\f[]\f[I]a\f[]\f[I]l\f[]\f[I]i\f[]\f[I]k\f[]\f[I]e\f[]\f[I]h\f[]\f[I]i\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]r\f[]\f[I]y\f[]\f[I]b\f[]\f[I]u\f[]\f[I]f\f[]\f[I]f\f[]\f[I]e\f[]\f[I]r\f[]\f[I]s\f[].\f[I]K\f[]\f[I]e\f[]\f[I]y\f[]\f[I]r\f[]\f[I]i\f[]\f[I]n\f[]\f[I]g\f[]\f[I]e\f[]\f[I]r\f[]\f[I]t\f[]\f[I]r\f[]\f[I]i\f[]\f[I]e\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]d\f[]\f[I]e\f[]\f[I]t\f[]\f[I]e\f[]\f[I]c\f[]\f[I]t\f[]\f[I]i\f[]\f[I]f\f[] * EDITOR\f[] is set to VIM and disables the \f[I]\&.viminfo\f[] file. .RE .TP 
@@ -194,30 +194,26 @@ encrypt all it\[aq]s contents. .RS .RE .TP -.B encrypt-batch <\f[I]secret\f[]> [\f[I]file\f[]] +.B encrypt\-batch <\f[I]secret\f[]> [\f[I]file\f[]] Encrypt content, batch mode. Behavior is identical to \f[I]encrypt\f[] action, but less verbose. Useful inside scripts. .RS .RE .TP -.B genkeys -<\f[I]ssh\f[]|\f[I]gpg\f[]|\f[I]x509\f[]|\f[I]x509-self\f[]|\f[I]ssl\f[]|\f[I]ssl-self\f[]> -[\f[I]options\f[]] -Wrapper to generate encryption key-pairs, useful for automated key +.B genkeys <\f[I]ssh\f[]|\f[I]gpg\f[]|\f[I]x509\f[]|\f[I]x509\-self\f[]|\f[I]ssl\f[]|\f[I]ssl\-self\f[]> [\f[I]options\f[]] +Wrapper to generate encryption key\-pairs, useful for automated key deployment. .RS .RE .TP -.B genpair -<\f[I]ssh\f[]|\f[I]gpg\f[]|\f[I]x509\f[]|\f[I]x509-self\f[]|\f[I]ssl\f[]|\f[I]ssl-self\f[]> -[\f[I]options\f[]] +.B genpair <\f[I]ssh\f[]|\f[I]gpg\f[]|\f[I]x509\f[]|\f[I]x509\-self\f[]|\f[I]ssl\f[]|\f[I]ssl\-self\f[]> [\f[I]options\f[]] Alias for \f[I]genkeys\f[] action. .RS .RE .TP .B open <\f[I]secret\f[]> -Decrypt a secret into a temporary folder and open it using xdg-open, +Decrypt a secret into a temporary folder and open it using xdg\-open, which tries to figure out the file type and then calls the associated application. .RS @@ -227,16 +223,16 @@ file again into the secret file and deletes the temporary file. .RE .TP .B recrypt <\f[I]secret\f[]> -Re-encrypts a secret by decrypting it and encrypting it again. +Re\-encrypts a secret by decrypting it and encrypting it again. Useful when users are added into the recipient configuration. If no \f[I]secret\f[] is given, all secrets in the repository are -re-encrypted. +re\-encrypted. .RS .RE .TP .B clip <\f[I]secret\f[]> Copy the first line of a secret to the clipboard, following -password-store convention. +password\-store convention. .RS .RE .TP 
@@ -287,7 +283,7 @@ Alias for usage action. .RS .RE .TP -.B recipients <\f[I]ls\f[]|\f[I]edit\f[]> <\f[I]recipients-file\f[]> +.B recipients <\f[I]ls\f[]|\f[I]edit\f[]> <\f[I]recipients\-file\f[]> List, create or edit recipients configuration. .RS .PP @@ -296,13 +292,13 @@ used by keyringer when encrypting secrets and associated with email aliases. .PP Keyringer uses a default recipients file, but specifying a custom -\f[I]recipients-file\f[] pathname will override this default. +\f[I]recipients\-file\f[] pathname will override this default. .PP For instance, if a user encrypts a secret to a file in the keyring -repository\[aq]s \f[I]accounting\f[] folder, a \f[I]recipients-file\f[] +repository\[aq]s \f[I]accounting\f[] folder, a \f[I]recipients\-file\f[] under \f[I]accounting\f[] will be used. -Encrypting a secret into \f[I]accounting/bank-accounts\f[] will result -in a file \f[C]$KEYRING_FOLDER/keys/accounting/bank-accounts.asc\f[] +Encrypting a secret into \f[I]accounting/bank\-accounts\f[] will result +in a file \f[C]$KEYRING_FOLDER/keys/accounting/bank\-accounts.asc\f[] encrypted using the public keys listed in the config file\f[C]$KEYRING_FOLDER/config/recipients/accounting\f[]. .PP @@ -328,7 +324,7 @@ Create or edit a recipients file. Editing happens using the editor specified by the \f[C]$EDITOR\f[] environment variable. .PP -The required parameter \f[I]recipients-file\f[] is interpreted relative +The required parameter \f[I]recipients\-file\f[] is interpreted relative to the \f[C]$KEYRING_FOLDER/config/recipients/\f[] folder. .RE .RE 
@@ -350,11 +346,11 @@ Metadata is not encrypted, meaning that an attacker with access to a keyringer repository can discover all public key IDs used for encryption, and which secrets are encrypted to which keys. This can be improved in the future by encrypting the repository -configuration with support for the \f[I]\-\-hidden-recipient\f[] GnuPG +configuration with support for the \f[I]\-\-hidden\-recipient\f[] GnuPG option and encrypted repository options. .PP To mitigate that, it\[aq]s possible to keep the repo just atop of an -encrypted and non-public place. +encrypted and non\-public place. .IP "2." 3 History is not rewritten by default when secrets are removed from a keyringer repository. -- cgit v1.2.3