Makefile


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

.POSIX:


all:


check:

clean:
	rm -rf \
		src/secrets/*.txt

public:


secrets.txt.gpg = \
	src/secrets/borg-passphrase.txt.gpg
secrets.txt = $(secrets.txt.gpg:.gpg=)


.SUFFIXES: .gpg

.gpg:
	gpg -d < $< > $@

$(secrets.txt.gpg):
	gpg -aer eu@euandre.org < $(@D)/`basename $@ .gpg` > $@

upload-secrets: $(secrets.txt)
	ssh euandre.org sudo -u secrets-keeper 'rm -f /opt/secrets/*'
	rsync \
		--rsync-path='sudo -u secrets-keeper rsync' \
		--chmod=000                                 \
		-avzP                                       \
		$(secrets.txt) euandre.org:/opt/secrets/


## Generate the ".ssh/authorized_keys" file and upload
## it to rsync.net.
upload-keys:
	cat src/infrastructure/keys/SSH/*.pub | ssh suyin dd of=.ssh/authorized_keys