regpg - safely store server secrets

The regpg program is a thin wrapper around gpg for looking after secrets that need to be stored encrypted in a version control system (so you don't have to trust the VCS server) and decrypted when your configuration management system deploys them to servers.

Overview

Documentation

If you use regpg, let me know! Send me mail at dot@dotat.at.

If you would like to submit a bug report or a patch, see doc/contributing.md

Installing

For a simple one-file install you can copy the regpg script to a directory on your $PATH.

You can run make install to install the script and man page to the standard places in your home directory. See the start of the Makefile for variables you can set on the command line to adjust the install location.

Dependencies

To use regpg you need the following programs. I've listed the versions that I have tested.

You only need the following programs if you use regpg's helper subcommands.

Downloads

Download the single-file regpg perl script: https://dotat.at/prog/regpg/regpg and its GPG signature

Download the full source archives and GPG signatures:

Repositories

You can clone or browse the repository from:

Acknowledgments

Thanks to Jon Warbrick who gave me the idea for regpg's key management, and David McBride for helpful discussions.


Written by Tony Finch fanf2@cam.ac.uk dot@dotat.at
at Cambridge University Information Services.
You may do anything with this. It has no warranty.
https://creativecommons.org/publicdomain/zero/1.0/