forked from hswaw/hscloud
35 lines
961 B
Python
35 lines
961 B
Python
#!/usr/bin/env python3
|
|
|
|
# A little tool to encrypt/decrypt git secrets. Kinda like password-store, but more purpose specific and portable.
|
|
|
|
import sys
|
|
import subprocess
|
|
|
|
keys = [
|
|
"63DFE737F078657CC8A51C00C29ADD73B3563D82", # q3k
|
|
"482FF104C29294AD1CAF827BA43890A3DE74ECC7", # inf
|
|
]
|
|
|
|
def main():
|
|
if len(sys.argv) < 3 or sys.argv[1] not in ('encrypt', 'decrypt'):
|
|
sys.stderr.write("Usage: {} encrypt/decrypt file\n".format(sys.argv[0]))
|
|
sys.stderr.flush()
|
|
return 1
|
|
|
|
action = sys.argv[1]
|
|
src = sys.argv[2]
|
|
|
|
if action == 'encrypt':
|
|
cmd = ['gpg' , '--encrypt', '--armor', '--batch', '--yes', '--output', '-']
|
|
for k in keys:
|
|
cmd.append('--recipient')
|
|
cmd.append(k)
|
|
cmd.append(src)
|
|
subprocess.check_call(cmd)
|
|
else:
|
|
cmd = ['gpg', '--decrypt', '--output', '-', src]
|
|
subprocess.check_call(cmd)
|
|
|
|
if __name__ == '__main__':
|
|
sys.exit(main() or 0)
|