[pass] Multiple git repos in single tree
b.candler at pobox.com
Mon May 9 12:59:43 CEST 2016
(I don't know if this has been discussed or proposed before)
I have multiple git-backed password stores for different clients. Right
now I am using wrapper scripts to set the base directory, e.g.
PASSWORD_STORE_DIR=/Users/brian/git/client1/password-store pass "$@"
PASSWORD_STORE_DIR=/Users/brian/git/client2/password-store pass "$@"
However this is a bit messy, and means I have to type the correct
command variant each time.
What would be nicer is if the various git repos could go as
subdirectories under .password_store:
Then password abc/def from client1 could be extracted by "pass -c
c1/abc/def" with no wrapper scripts required.
In principle, pass already lends itself to this quite well: e.g. c1 and
c2 have their own .gpg_id files, and "pass c1" already lists all the
subfiles if c1 is a directory.
I think the issues are:
1. "pass git push" and "pass git pull" currently enforce that there is a
.git directory at the top level, and in any case wouldn't know which
repo I was talking about. It would have to be extended e.g.
"pass -p c1 git push" or "pass @c1 git push"
2. git adds and commits have to take place in the right repo.
This will involve either:
- walking back up the tree from the leaf to find a parent with a .git
subdirectory, and setting GIT_DIR to this; or
- cd to the directory where the file exists, and let git itself walk upwards
3. What happens if I put my personal password store (also a git repo) at
the top level, and client password stores as subdirectories? This means
I'll have a git repo within a git repo. Maybe git submodules would be
required, but that makes things complicated.
But I can sidestep that just by keeping them in separate directories.
More information about the Password-Store