Sanitizing .dotfiles with make

I recently decided to put my various config files (dotfiles) in git, so as to make them more easily portable (and shareable): https://github.com/ergonlogic/.dotfiles

I'm relatively new to quite a few of these program (irssi, mutt, awesome) so I'm finding myself spending a lot of time figuring out how to configure them to my liking. I'd say I'm only about 60% of the way there, but it's still miles better than the alternatives (pidgin, thunderbird, gnome).

Anyway, one problem I ran into recently was how irssi saves it's config file, in that it includes a password (or two) in cleartext. I initially figured there was a script that solved this, but I haven't had any luck finding such a thing. So, I went with an old-school approach by building a little makefile that would sanitize the config file for posting to github:

<pre># Set our real passwords here as variables
pwd1=f1r5t_f4k3_Pa55w0rd
pwd2=s3c0nd_f4k3_Pa55w0rd</pre>
<pre>config.pub: config
&nbsp;&nbsp;&nbsp;&nbsp;cp config config.pub &nbsp; &nbsp; &nbsp; &nbsp;  &nbsp; &nbsp; &nbsp; # These lines should
&nbsp;&nbsp;&nbsp;&nbsp;sed -i s/$(pwd1)/PASSWORD/g $@ &nbsp; &nbsp; # be indented with
&nbsp;&nbsp;&nbsp;&nbsp;sed -i s/$(pwd2)/PASSWORD/g $@ &nbsp; &nbsp; #  tabs
</pre>

So, with that in place at ~/.irssi/Makefile, I can simply run "make" any time I update my irssi config, and it'll update and sanitize 'config.pub' which I'll then push as a commit to github.

I'm considering wrapping my whole dotfiles git workflow in a makefile that takes care of the whole thing for me. It could, for that matter include a sanitized version of the makefile itself...

Anyway, one small slip I made along the way was to include 'config_autosave,' which included stuff I didn't want appearing in the git history. Since this had dated back to the initial commit, I considered just deleting the repo from github, and starting it anew. However, I'd recently been cleaning up the commit history of another project (Casetracker Feeds Integration), and discovered this nifty trick: http://stackoverflow.com/questions/598672/git-how-to-squash-the-first-tw...

Comments

Not sure if it's up your alley, but this might be a partial solution:
https://github.com/technicalpickles/homesick

You designate repos to be your "castles" that are pulled in and symlinked, and while I haven't tried it, I think you can set mutliple repos to pull from -- one public and one private. Assuming that you can split you config up into multiple files (one with the public data and one with the private) this might be an option for keeping it all organized :)

Like I said, haven't tried it yet, so you're blazing new territory as far as I'm concerned

-- Pat

Ok yeah, playing around with it now, and if you use homesick, it seems the way to go is to add "source ~/.whatever" into the public dotfile, and keep that dotfile in the public "castle" (in homesick speak, which is actually just a repo). Then commit all those private dotfiles into another castle which you can keep in a private git repo

so once you've got a repo set up (presumeably called "homesick-public" or whatever), you can add new files like this:
homesick track ~/.mynewdotfile homesick-public
(cd ~/.homesick/repos/homesick-public/ && git push)

and on a new computer, you'd do:
sudo gem install homesick
homesick clone git@github.com:ergologic/homesick-private.git
homesick symlink homesick-private
homesick clone git@github.com:ergologic/homesick-public.git
homesick symlink homesick-public

Updates if you work on multiple computers (or servers) is as simple as:
homesick pull homesick-public
homesick symlink homesick-public

Does that work with your workflow? The only tough part is dotfiles that are in ini format, because then you can't easily separate out the secrete stuff with "source"...