Skip to content

Latest commit

 

History

History
90 lines (59 loc) · 2.95 KB

README.md

File metadata and controls

90 lines (59 loc) · 2.95 KB

trk

trk

Trk (or track) is a Git wrapper to managed repositories and encrypt files.

It can be used to manage regular Git repositories or to manage a global repository like a dotfiles repository.

It is shamelessly inspired from yadm and transcrypt.

Encryption is done via OpenSSL and leverage Git clean/smudge filters to encrypt and decrypt files seamlessly, meaning that encrypted files are stored in the repository and decrypted on the fly when checked out.

Quick start

Grab the script and install it in your path:

wget https://raw.githubusercontent.com/TheoBrigitte/trk/refs/heads/main/trk
install -D -m 755 trk ~/.local/bin/trk

From scratch

trk init

From existing repository

trk setup

From a remote repository

trk clone <url>

Encryption

Trk encrypts files on the fly when added to the repository. To define which files should be encrypted, you can set a file or pattern (see man gitignore for more information) with the following command:

trk mark <file>
or
trk mark '<pattern>' # Don't forget the quotes, otherwise the shell will expand the pattern

Encryption is done via OpenSSL and the key is stored in the GIT_DIR/config file. The key is generated when the repository is initialized. The key is then used to encrypt and decrypt files on the fly when they are added to the repository or checked out. OpenSSL cipher and arguments can be viewed and modified using the following commands:

trk openssl get-args
trk openssl set-args <args>

You can then work with the repository as you would with a regular Git repository and encryption will happen seamlessly.

Check content stored in Git

You can verify that the content stored in Git is encrypted by running the following commands:

trk rev-list --objects -g --no-walk --all
trk cat-file -p <hash>

Global / dotfile repository

Trk can be used to manage a global repository, like a dotfiles repository. This happens with you use the --worktree option with the init and clone commands.

Global repository is created in a unique location and can be used to manage all files in the given worktree without having to create the Git repository there. For example creating a Git directory in your home directory is probably not a good idea as it will clutter your home directory with Git files and you may accidentally commit files that you don't want to when working on other projects where you forgot to initialize a Git repository.

From scratch

trk init --worktree <path>

From a remote repository

trk clone --worktree <path> <url>

You can then work with the repository using trk as you would with a regular Git repository, encryption works the same way.