101 lines
2.6 KiB
Python
101 lines
2.6 KiB
Python
#
|
|
# Copyright © 2022 Maestro Creativescape
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
#
|
|
|
|
# Imports
|
|
from git import Repo
|
|
import os
|
|
from shutil import copytree, rmtree
|
|
from pathlib import Path
|
|
from glob import glob
|
|
import subprocess
|
|
from time import time
|
|
from shutil import rmtree
|
|
|
|
cwd = os.getcwd()
|
|
path = Path(cwd)
|
|
base_dir = str(path.parent.absolute())
|
|
|
|
# Blacklist, prevents handling these files altogether
|
|
BLACKLIST = [
|
|
".git",
|
|
".obsidian",
|
|
".idea",
|
|
".gitlab-ci.yml",
|
|
cwd.split(base_dir + "/")[1]
|
|
]
|
|
|
|
# Env vars to handle creds
|
|
enc_path = os.environ.get("ENCRYPTED_PATH")
|
|
enc_repo = os.environ.get("ENCRYPTED_REPO")
|
|
enc_key = os.environ.get("ENCRYPTION_KEY")
|
|
ssh_key = os.environ.get("SSH_SECRET_KEY")
|
|
|
|
git_ssh_cmd = f"ssh -i {ssh_key}"
|
|
|
|
# Create our encrypted directory base
|
|
current_time = str(int(time()))
|
|
if os.path.exists(enc_path):
|
|
rmtree(enc_path)
|
|
os.mkdir(enc_path)
|
|
os.chdir(enc_path)
|
|
|
|
# Initialise the repo for our encrypted directory and add the remote
|
|
repo = Repo.init(enc_path)
|
|
repo.create_remote(
|
|
"origin",
|
|
f"ssh://git@github.com/{enc_repo}.git",
|
|
)
|
|
|
|
# Glob the file list of "." starting files and non "." starting files
|
|
file_list = glob(base_dir + "/**/.*", recursive=True) + glob(
|
|
base_dir + "/**/*", recursive=True
|
|
)
|
|
|
|
# Start going through the file list, and create all directories
|
|
for i in file_list:
|
|
if os.path.isdir(i):
|
|
rel_path = i.split(base_dir + "/")[1]
|
|
for j in BLACKLIST:
|
|
if j in rel_path:
|
|
break
|
|
else:
|
|
os.mkdir(enc_path + "/" + rel_path)
|
|
|
|
# Use a subprocess to chacha20 encrypt everything, and push it to the requested directory
|
|
for i in file_list:
|
|
rel_path = i.split(base_dir + "/")[1]
|
|
if not os.path.isdir(i):
|
|
for j in BLACKLIST:
|
|
if j in rel_path:
|
|
break
|
|
else:
|
|
process = subprocess.run(
|
|
[
|
|
"openssl",
|
|
"enc",
|
|
"-chacha20",
|
|
"-base64",
|
|
"-salt",
|
|
"-iter",
|
|
"1000",
|
|
"-pass",
|
|
f"pass:{enc_key}",
|
|
"-md",
|
|
"sha512",
|
|
"-in",
|
|
i,
|
|
"-out",
|
|
enc_path + "/" + rel_path,
|
|
]
|
|
)
|
|
|
|
# Add, commit and push it all
|
|
repo.git.add(".")
|
|
repo.index.commit(f"Commit as of {current_time}")
|
|
repo.git.push("origin", "master", force=True, env=dict(GIT_SSH_COMMAND=git_ssh_cmd))
|
|
|
|
# Cleanup once you are done
|
|
rmtree(enc_path)
|