I wrote something similar about a year ago, but I believe it required less changes to pass.
You can look it up here: https://lists.zx2c4.com/pipermail/password-store/2016-February/002099.html Maybe it's worth taking a look at both and maybe even combining them? :) Regards, Lenz Am 26.11.2016 um 07:47 schrieb Lance R. Vick: > Posts come up very frequently with people coming up with various > workarounds and hacks to support team workflows. > > This month there have already been two threads requesting solutions for this: > > https://lists.zx2c4.com/pipermail/password-store/2016-November/002463.html > https://lists.zx2c4.com/pipermail/password-store/2016-November/002482.html > > For many it is necessary to maintain several passdb folders for > personal, family, work, projects, etc. Maintaining this typically > requires each of these with its own repo, users, and git origins. > > One could come up with custom scripts/wrappers to support this (and > many do), but then those scripts must be signed and distributed and > updated properly with all members in a group which makes adoption of > pass that much more difficult. I feel this really should be solved in > pass itself and clearly others agree. > > The pass maintainer has also expressed interest in in-tree solutions > to this problem but the last submission attempt fizzled out. > > https://lists.zx2c4.com/pipermail/password-store/2015-April/001455.html > > ## Subtree Pattern ## > > Currently the only workflow I have found that is natively supported by > pass today is using subtrees. I have been using the following approach > for over a year with 3 repos and 2 teams. > > While it does work, it is fairly cumbersome. > > Setup: > > ``` > pass init ABCDE12345678901 > pass git init > pass git remote add origin [email protected]:lrvick/passdb.git > pass git remote add -f project [email protected]:project/passdb.git > pass git remote add -f company [email protected]:company/passdb.git > cd ~/.password-store > git subtree add --prefix Project someproject master --squash > git subtree add --prefix Company someproject master --squash > ``` > > Add/Edit > > ``` > pass generate Project/somepass 50 > pass rm Personal/somepass > pass edit Work/somepass > ``` > > Sync to/from respective origins > > ``` > pass git subtree push origin master > pass git subtree pull --prefix=Project project master --squash > pass git subtree pull --prefix=Company company master --squash > pass git subtree push --prefix=Project project master > pass git subtree push --prefix=Company company master > ``` > > The above also has some particularly painful side effects when > enforcing commit signing + upstream merges. In practice this has > resulted in us having to tap a yubikey to sign once for every file in > the repo... > > > ## Submodule Pattern ## > > With the attached patch for submodule support the above could become > substantially more manageable. > > Personal Setup: > > ``` > pass init ABCDE12345678901 > pass git init > git remote add origin [email protected]:lrvick/passdb.git > ``` > > Existing shared repo setup: > > ``` > pass git submodule add [email protected]:project/passdb.git Project > pass git submodule add [email protected]:work/passdb.git Work > pass git submodule foreach "git checkout origin master" > ``` > > Add/Edit > > ``` > pass generate Project/somepass 50 > pass rm Personal/somepass > pass edit Work/somepass > ``` > > Sync to/from respective origins > > ``` > pass git push > pass git submodule foreach "git pull" > pass git submodule foreach "git push" > ``` > > ## Design and Implementation ## > > This change makes `pass` commit to the innermost Git repository (as > identified by the presence of a `.git` file/folder) that contains a > file, when it is changed. > > It was designed to minimize the number of changes to `pass` and not > break existing usages. A few extra tests have been supplied for the > new workflow. > > Whenever a new commit is performed (upon add/edit/remove), `GIT_DIR` > and `GIT_WORK_TREE` are set to the relevant directories. > > It is worth mentioning this patchset has already undergone a few > rounds of testing, bug-fixing, and code review here: > > https://github.com/lrvick/password-store/pull/1 > > More input (or a merge!) would be very appreciated. > > > > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
