67c7876629
This forces sops to use our config file, otherwise if any of the
environment variables set to specify recipients is present then
`--config` will be ignored (see [env_check]).
That's simple enough, still I ended up refactoring how we call sops for
correctness, and to align with its behavior. The code now distinguishes
between public and private keys explicitly. `secrets.decrypt_secret`
does not try to lookup for public and private keys anymore.
With this changeset, some people might have to adjust their environment
as public age and PGP keys will be discovered like sops would do. In
particular if multiple public keys are discovered, then the user will
have to specify which one to use for the clan.
This also makes the following changes:
- try to use `/dev/shm` when swapping a secret (it's what [pass] does
fwiw);
- alias immediate values for readability;
- remove some float comparison that could never succeed, and use sops'
exit status instead;
- remove unused function `maybe_get_sops_key`.
[env_check]: 8c567aa8a7/cmd/sops/main.go (L2229)
[pass]: http://passwordstore.org/
Clan core repository
Welcome to the Clan core repository, the heart of the clan.lol project! This monorepo is the foundation of Clan, a revolutionary open-source project aimed at restoring fun, freedom, and functionality to computing. Here, you'll find all the essential packages, NixOS modules, CLI tools, and tests needed to contribute to and work with the Clan project. Clan leverages the Nix system to ensure reliability, security, and seamless management of digital environments, putting the power back into the hands of users.
Why Clan?
Our mission is simple: to democratize computing by providing tools that empower users, foster innovation, and challenge outdated paradigms. Clan represents our contribution to a future where technology serves humanity, not the other way around. By participating in Clan, you're joining a movement dedicated to creating a secure, user-empowered digital future.
Features of Clan
- Full-Stack System Deployment: Utilize Clan’s toolkit alongside Nix's reliability to build and manage systems effortlessly.
- Overlay Networks: Secure, private communication channels between devices.
- Virtual Machine Integration: Seamless operation of VM applications within the main operating system.
- Robust Backup Management: Long-term, self-hosted data preservation.
- Intuitive Secret Management: Simplified encryption and password management processes.
Getting started with Clan
If you're new to Clan and eager to dive in, start with our quickstart guide and explore the core functionalities that Clan offers:
- Quickstart Guide: Check out getting started to get up and running with Clan in no time.
Managing secrets
In the Clan ecosystem, security is paramount. Learn how to handle secrets effectively:
- Secrets Management: Securely manage secrets by consulting secrets.
Contributing to Clan
The Clan project thrives on community contributions. We welcome everyone to contribute and collaborate:
- Contribution Guidelines: Make a meaningful impact by following the steps in contributing.
Join the revolution
Clan is more than a tool; it's a movement towards a better digital future. By contributing to the Clan project, you're part of changing technology for the better, together.
Community and support
Connect with us and the Clan community for support and discussion:
- Matrix channel for live discussions.
- IRC bridge on hackint#clan for real-time chat support.