path: root/Makefile
#
# A Makefile to encrypt certain files to the right people.
#
# usage: "make foo.gpg" will encrypt foo.txt
#
# * If unencrypted file exists and is newer than the encrypted, it will
#   encrypt it.
# * If the unencrypted file exists and is not newer than the encrypted, it
#   will report "up to date" and won't encrypt it
# * If the unencrypted file doesn't exist, it will say you are dumb.
#
# If you don't have one of the keys needed for encrypting:
#
#   gpg --recv-keys <fingerprint>
#   gpg --fingerprint --keyid-format long <fingerprint>
#
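# IT IS IMPERATIVE THAT YOU VERIFY THE FINGERPRINT.
# gpg does not verify the fingerprint when you run --recv-keys, so compare
# the full fingerprint printed by the second command with one you obtained
# from the key's owner through a channel you already trust.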
#
# To add additional files to be encrypted:
#
#   files          := file_a file_b
#   file_a_readers := user1 user2
#   file_b_readers := user3 user4
#
# Files should be named without their suffix. The actual source file must
# always end in .txt, and the encrypted file will always end in .gpg.
#
# After you change the x_readers list for a file, you will need to run
# `touch x.txt` in order for `make` to encrypt `x.gpg`.
#

##
## CONFIGURE HERE
##

# Map each reader's short name to the OpenPGP key that files are encrypted to.
# Each value is handed to `gpg --recipient` by the encryption rule below.
#
# NOTE(review): several entries are 16-hex-digit long key IDs and `micah` is an
# 8-hex-digit short key ID rather than a full 40-hex-digit fingerprint. A key
# ID is only the tail of the fingerprint and can be made to collide, so gpg may
# pick a different key from the local keyring than the one intended. Prefer the
# full, verified fingerprint for every entry.
#
# Keep comments on their own lines: with `:=`, whitespace in front of a
# trailing `#` becomes part of the value.
anjan       := 67AFF2EDA74669B1D9E6B95524EF5FFED28CA2B3
cyberta     := 838EEC04AFDCC8E9C46AB0EFDF32A57F8D3C3B20
drebs       := B2B397904D39F3B3D4BA511EA5E6BCA629BA4127
elijah      := 8688B48800440025
kali        := 23638BF72C593BC1
kwadronaut  := BD68C7AA997FA77F
# Earlier key ID for makechanges, kept commented out; the line below is the
# one in effect.
#makechanges := 57F8E5D4069A9F31
makechanges := 5F9236638A53EDA21FF914AA25CA7AFB8D07C1EB
mcnair      := 1D52157B22532C5B
micah       := 9621C386
varac       := 5465E77E7876ED04
meskio      := 07948FFA64160A425BCD27EAC732B1D1C28F4E2F

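# Base names of the secrets this Makefile manages: NAME.txt is the plaintext
# source and NAME.gpg the encrypted output. The order here is the order shown
# in the usage message.
files := accounts apple android dns financial jenkins legal panoramix twitter vps distro graphite snap thunderbird windoze windozecert microsoft reports archivesign

# NAME_readers lists the people NAME.gpg is encrypted to. Every word must be
# the name of a key variable defined in the configuration section above.
#
# These lists are the access control for each secret. Removing a reader only
# affects future encryptions: anyone who could decrypt an earlier NAME.gpg
# (for example one still reachable in version-control history) keeps access to
# that content, so rotate the secret itself when a reader is removed.
#
# Do not leave trailing whitespace or a trailing comment after a value: with
# `:=` it becomes part of the value (graphite_readers used to carry a stray
# trailing space).
accounts_readers    := cyberta mcnair micah kwadronaut
apple_readers       := micah kali makechanges kwadronaut
android_readers     := kwadronaut cyberta micah makechanges
archivesign_readers := micah cyberta kwadronaut
dns_readers         := kwadronaut micah makechanges
financial_readers   := makechanges micah
graphite_readers    := kali varac
jenkins_readers     := micah kwadronaut
legal_readers       := makechanges mcnair
panoramix_readers   := kwadronaut kali micah
distro_readers      := micah kwadronaut
microsoft_readers   := micah makechanges kwadronaut
twitter_readers     := kali kwadronaut micah mcnair
snap_readers        := kali meskio kwadronaut
thunderbird_readers := meskio kali
reports_readers     := cyberta makechanges mcnair kwadronaut
vps_readers         := kwadronaut micah
windoze_readers     := anjan micah kali kwadronaut
windozecert_readers := anjan micah kali kwadronaut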

##
## NO NEED TO MODIFY BELOW HERE
##

# Literal tokens used to build the comma-separated list in the usage message;
# a space or a comma cannot be written directly inside a function argument.
empty :=
space := $(empty) $(empty)
comma := ,

# Command prefix for every encryption: the output is signed as well as
# encrypted.
# NOTE(review): no signing key is selected here, so gpg presumably signs with
# the invoking user's default secret key -- confirm that is what is wanted.
GPG := gpg --sign --encrypt

# File lists derived from ${files}: the NAME.txt inputs and NAME.gpg outputs.
plaintext_input  := $(files:%=%.txt)
encrypted_output := $(files:%=%.gpg)

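# Default goal: print a usage message listing every encryptable target.
# Nothing is built, so the target is declared phony; a stray file named `all`
# would otherwise suppress the message.
# printf replaces `echo "...\n..."` because whether echo interprets \n depends
# on which shell make runs the recipe with.
.PHONY: all
all:
	@printf 'USAGE: make FILE\n       where FILE is one of %s\n' "$(subst $(space),$(comma)$(space),${encrypted_output})"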

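# Static pattern rule: NAME.gpg is rebuilt from NAME.txt whenever the plaintext
# is newer. $* is the stem (NAME), so $($*_readers) is that file's readers list
# and $($(reader)) is the key configured for one reader.
#
# The first two recipe lines expand to nothing when the configuration is sound.
# They stop make before gpg is invoked if the readers list is empty or if a
# reader name has no key variable (for example a typo), so gpg is never run
# with a missing or malformed --recipient argument.
$(encrypted_output): %.gpg : %.txt
	$(if $(strip $($*_readers)),,$(error no readers configured for '$*'))
	$(strip $(foreach reader,$($*_readers),$(if $(strip $($(reader))),,$(error no key configured for reader '$(reader)' of '$*'))))
	@echo "Encrypting '$<' to '$@' with these keys: $($*_readers)"
	$(GPG) $(foreach reader,$($*_readers),--recipient $($(reader))) --output $@ $<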

# The NAME.txt targets have no prerequisites, so this recipe runs only when the
# plaintext file is missing; an existing file is already up to date. It prints
# an explanation and fails, which also aborts the NAME.gpg rule depending on it.
$(plaintext_input):
	@echo "'$@' doesn't exist, why are you trying to encrypt it?" && exit 1