# # A Makefile to encrypt certain files to the right people. # # usage: "make foo.gpg" will encrypt foo.txt # # * If unencrypted file exists and is newer than the encrypted, it will # encrypt it. # * If the unencrypted file exists and is not newer than the encrypted, it # will report "up to date" and won't encrypt it # * If the unencrypted file doesn't exist, it will say you are dumb. # # If you don't have one of the keys needed for encrypting: # # gpg --recv-keys # gpg --fingerprint --keyid-format long # # IT IS IMPERATIVE THAT YOU VERIFY THE FINGERPRINT. # gpg does not verify the fingerprint when you run --recv-keys. # # To add additional files to be encrypted: # # files := file_a file_b # file_a_readers := user1 user2 # file_b_readers := user3 user4 # # Files should be named without their suffix. The actual source file must # always end in .txt, and the encrypted file will always end in .gpg. # # After you change the x_readers list for a file, you will need to run # `touch x.txt` in order for `make` to encrypt `x.gpg`. # ## ## CONFIGURE HERE ## austin := 5C71C8B497B47404 drebs := B2B397904D39F3B3D4BA511EA5E6BCA629BA4127 elijah := 8688B48800440025 kali := 23638BF72C593BC1 kwadronaut := BD68C7AA997FA77F makechanges := 57F8E5D4069A9F31 mcnair := 1D52157B22532C5B micah := 8CBF9A322861A790 parmegv := E7BD709798449799 sunbird := D45523676ED610B7 varac := 5465E77E7876ED04 files := accounts apple android dns financial jenkins legal vps distro graphite accounts_readers := elijah mcnair micah kwadronaut apple_readers := elijah micah kali android_readers := elijah kwadronaut austin dns_readers := kwadronaut elijah micah varac financial_readers := elijah sunbird makechanges micah jenkins_readers := micah parmegv kwadronaut legal_readers := elijah sunbird makechanges mcnair vps_readers := kwadronaut elijah micah varac distro_readers := elijah micah varac kwadronaut graphite_readers := kali varac drebs ## ## NO NEED TO MODIFY BELOW HERE ## GPG := gpg --sign --encrypt plaintext_input := $(addsuffix .txt, ${files}) encrypted_output := $(addsuffix .gpg, ${files}) empty := space := $(empty) $(empty) comma := , all: @echo "USAGE: make FILE\n where FILE is one of $(subst $(space),$(comma)$(space),${encrypted_output})" $(encrypted_output): %.gpg : %.txt @echo "Encrypting '$<' to '$@' with these keys: $($(<:.txt=)_readers)" $(GPG) $(foreach reader,$($(<:.txt=)_readers),--recipient $($(reader))) --output $@ $< $(plaintext_input): @echo "'$@' doesn't exist, why are you trying to encrypt it?" @exit 1