Multiple Git subdirectories for different environments
Brian Candler
b.candler at pobox.com
Thu Jan 12 14:00:01 CET 2017
On 12/01/2017 12:38, Grégoire Détrez wrote:
> Assuming you have the following structure in your repository:
> .password-store
> ├── home
> │ └── foo.gpg
> └── work
> └── foo.gpg
>
> with
>
> $ pass home/foo
> 1234
> $ pass work/foo
> 4321
>
> Then you can do set the environment variables like this:
>
> $ export PASSWORD_STORE_GIT=~/.password-store
> $ export PASSWORD_STORE_DIR=~/.password-store/home
> $ pass foo
> 1234
> $ export PASSWORD_STORE_DIR=~/.password-store/work
> $ pass foo
> 4321
I don't think that addresses the question, because it's assuming that
all the passwords are in the same git repo.
What I think the OP wants (it's certainly what I want!) is to have
multiple git repos, so I can sync my home passwords to one repo and my
work passwords to another one:
.password-store
├── home
│ └── .git
│ └── foo.gpg
└── work
└── .git
└── foo.gpg
This doesn't work, for reasons which you'll find in the list archives.
Briefly, "pass git pull" doesn't work unless the top-level is a git
repo. But if you make an outer git repo, and make the inner ones be
submodules, pass fails to commit changes because its working directory
is not inside the correct submodule.
The only sensible way I've found to make this work is using shell
scripts or aliases: e.g. create a script called "workpass" like this
#!/bin/sh
PASSWORD_STORE_DIR=/Users/brian/git/work-pass/password-store pass "$@"
However I've been bitten several times by accidentally using "pass edit
foo" or (worse) "pass init <ids>" when I meant to type "workpass edit
foo" or "workpass init <ids>"
For me, the perfect solution would be:
* the .password-store tree can have zero or more git repos, in any place
* "pass edit foo/bar" would commit to the git repo which contains
foo/bar (or none, if it's outside any git tree)
* "pass pull foo/bar" would git pull the repo which contains foo/bar
* "pass pull" would git pull all the repos recursively
Regards,
Brian.
More information about the Password-Store
mailing list