[pass] Multiple git repos in single tree

Brian Candler b.candler at pobox.com
Mon May 9 12:59:43 CEST 2016

(I don't know if this has been discussed or proposed before)

I have multiple git-backed password stores for different clients. Right 
now I am using wrapper scripts to set the base directory, e.g.

PASSWORD_STORE_DIR=/Users/brian/git/client1/password-store pass "$@"

PASSWORD_STORE_DIR=/Users/brian/git/client2/password-store pass "$@"

However this is a bit messy, and means I have to type the correct 
command variant each time.

What would be nicer is if the various git repos could go as 
subdirectories under .password_store:


Then password abc/def from client1 could be extracted by "pass -c 
c1/abc/def" with no wrapper scripts required.

In principle, pass already lends itself to this quite well: e.g. c1 and 
c2 have their own .gpg_id files, and "pass c1" already lists all the 
subfiles if c1 is a directory.

I think the issues are:

1. "pass git push" and "pass git pull" currently enforce that there is a 
.git directory at the top level, and in any case wouldn't know which 
repo I was talking about. It would have to be extended e.g.
"pass -p c1 git push" or "pass @c1 git push"

2. git adds and commits have to take place in the right repo.

This will involve either:
- walking back up the tree from the leaf to find a parent with a .git 
subdirectory, and setting GIT_DIR to this; or
- cd to the directory where the file exists, and let git itself walk upwards

3. What happens if I put my personal password store (also a git repo) at 
the top level, and client password stores as subdirectories? This means 
I'll have a git repo within a git repo. Maybe git submodules would be 
required, but that makes things complicated.

But I can sidestep that just by keeping them in separate directories.


Any comments?



More information about the Password-Store mailing list