19 lines
593 B
Bash
Executable File
19 lines
593 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# unlocks the SOPS store (i.e. populate a SOPS key from the user's SSH key)
|
|
set -ex
|
|
|
|
mkdir -p ~/.config/sops/age
|
|
|
|
# unlock the SSH key
|
|
cp ~/.ssh/id_ed25519 ~/.config/sops/age/id_ed25519
|
|
ssh-keygen -p -N "" -f ~/.config/sops/age/id_ed25519
|
|
# convert ssh -> age
|
|
ssh-to-age -private-key -i ~/.config/sops/age/id_ed25519 > ~/.config/sops/age/keys.txt
|
|
chmod 600 ~/.config/sops/age/keys.txt
|
|
|
|
# remove the unlocked SSH key
|
|
rm ~/.config/sops/age/id_ed25519
|
|
|
|
# present the pubkey for convenience (e.g. if this sops key is new)
|
|
echo pubkey: $(cat ~/.ssh/id_ed25519.pub | ssh-to-age)
|