command name: sesi
(i swapped the vowels because i’m evil >:3)
A group-oriented secret storage tool, inspired by sops and using age for encryption.
Groups are the primary structure of sillysecrets. They are made up of the following fields, all of which are optional:
- `key`: the public key for which secrets of this group are encrypted.
- `contains`: list of group names whose secrets should be encrypted for this group too
- `grants`: list of group names for which the secrets of this group should be encrypted too
- `secrets`: the actual set of secrets
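How `contains` and `grants` combine into the set of keys each group's secrets end up encrypted to, as an added Python example (not sillysecrets' own code). It assumes relations are resolved one level deep; the group names, placeholder keys and the `recipients` / `unreadable` helpers are constructed for illustration.

```python
# Added illustration; not sillysecrets' own code. Groups are plain dicts using
# the field names from the README: key, contains, grants, secrets.

def recipients(groups):
    """Map each group name to the set of public keys its secrets are encrypted to.

    Assumption: relations are resolved one level deep (not transitively).
    """
    result = {name: set() for name in groups}
    for name, group in groups.items():
        key = group.get("key")
        if key:
            result[name].add(key)  # the group's own key
        # contains: this group's key is added to the listed groups' secrets
        for other in group.get("contains", []):
            if other not in groups:
                raise KeyError(f"{name}.contains references unknown group {other!r}")
            if key:
                result[other].add(key)
        # grants: the listed groups' keys are added to this group's secrets
        for other in group.get("grants", []):
            if other not in groups:
                raise KeyError(f"{name}.grants references unknown group {other!r}")
            other_key = groups[other].get("key")
            if other_key:
                result[name].add(other_key)
    return result


def unreadable(groups):
    """Groups that hold secrets but resolve to no recipient key at all."""
    resolved = recipients(groups)
    return sorted(n for n, g in groups.items() if g.get("secrets") and not resolved[n])


# Constructed sample data; the keys are placeholders, not real age recipients.
SAMPLE = {
    "admins": {"key": "age1-admins-placeholder", "contains": ["web", "db"]},
    "web": {"key": "age1-web-placeholder", "secrets": {"tls_key": "..."}},
    "db": {"grants": ["web"], "secrets": {"password": "..."}},
    "backup": {"secrets": {"token": "..."}},
}

if __name__ == "__main__":
    for name, keys in recipients(SAMPLE).items():
        print(name, sorted(keys))
    print("no recipients:", unreadable(SAMPLE))
```

Reviewing this mapping before and after editing the lists shows which groups gain or lose access once the secrets are re-encrypted.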
- Create a `sesi.yaml` file to store your groups. Take a look at the example for reference. Do not fill in any secrets; they are created using the `edit` subcommand instead.
- Run `sesi edit <group>.<secret>` for every secret you want to create. This command will create new, empty secrets or edit their current value. vipe from the moreutils package will be used as your temporary editor.
- If you simply want to read an existing secret, use `sesi decrypt <group>.<secret>`
- After changing the grants & contains lists or any group’s key, you need to run `sesi rekey` in order to propagate these changes to the secrets. This will attempt to de- and reencrypt every secret while skipping over those it can’t decrypt (because of missing identity files).