Is there a way to encrypt an entire folder and contents? For example if someone want to do something like ~/.gnupg? And what kind of encryption does yadm use?

The shebang line in yadm won't work for all systems as some unixes and unix like OSes put bash in /bin/bash. For example openBSD puts bash in /usr/local/bin/bash instead of /bin/bash as bash is something the user has to explicitly install, not provided by default install. The recommended work around for this is to use #!/usr/bin/env bash instead as env is placed as /usr/bin/env in more operating systems than bash is put in /bin.

Details: http://stackoverflow.com/a/10383546/2524942 and https://en.wikipedia.org/wiki/Shebang_%28Unix%29#Portability

It might be useful to know which files are not being tracked by yadm. For such a command such as yadm untracked could list all the dotfiles in $HOME that are not on yadm list -a. A mighty naive approach upon which a real command could be based:

{ls -a ~ & yadm list -a} | sort | uniq -u

Hi, I'd like to store my repo in a custom path. Overwriting YADM_REPO seems straight-forward. Does that cause any problems? If not, I'd prepare a PR.

yadm incorrectly uses local.host instead of local.hostname to override hostname during alt linking.

This is probably a user error, but can't figure it out...

For example, I have

~/.config/i3##Linux

(only need that on my Linux boxes).

Note, i3 is a directory... not a single file.

I can't get yadm to generate the symlink.

It works for various files, but not directories.

Am I missing something?

Steps to reproduce

1. yadm add sample.conf##A
2. yadm config local.class A => sample.conf->sample.conf##A is created
3. yadm config local.class NOT_A

Expectation

The link sample.conf -> sample.conf##A is removed

Actual

sample.conf -> sample.conf##A still exist

A file named file##OS-hostname will be linked as if it was named file##OS.hostname. The regex used matches any character.

a more portable solution would be to either use:
$(hostname | sed -e 's/..$//')
or since you are depending on bash:
hostname=$(hostname)
hostname=${hostname%%.}
though the first option is more concise

Say I have a folder ~/.config/nvim

In this folder I would like yadm to automatically track any files which are added to this folder. Currently, it will not show these files in the staging list, only the files I have modified. Do you know of a way to make certain directories track as if they were not bare?

OS: PacBSD (FreeBSD based)
yadm version: 1.04

When trying to decrypt the files.gpg on one of my computers running PacBSD, thus using bsdtar, yadm has the following error:

tar: Error opening archive: Failed to open '/dev/sa0'
gpg: encrypted with 2048-bit RSA key, ID B460C43FA28FD091, created 2014-06-19
      "keybase.io/vendion <[email protected]>"
ERROR: Unable to extract encrypted files.

My understanding is the source of the problem is line 206 where data is passed to tar via STDIN. My understanding is that bsdtar, and all other POSIX-compliant tar implementations require the -f flag when extracting data, they also require the - dash to specify STDIN. With GNU tar the -f - is optional.

Both GNU and BSD tar implementations support the following syntax for taking data from STDIN:

tar -xf -

Thus lines 199-211 should probably read:

  if [ "$DO_LIST" = "YES" ] ; then
    tar_option="t"
  else
    tar_option="xf"
  fi

  #; decrypt the archive
  (gpg -d "$YADM_ARCHIVE" || echo 1) | tar v$tar_option - -C"$YADM_WORK"
  if [ $? = 0 ] ; then
    [ ! "$DO_LIST" = "YES" ] && echo "All files decrypted."
  else
    error_out "Unable to extract encrypted files."
  fi

edit: Linking to relevant Stack overflow answer and removing unrelated error.

Document how to install user-local instead of system-wide.
yadm is, after all, just a shell script and we don't always have control over the system directories.
Nor do we necessarily want to clutter the system directories with this kind of thing as not all users will find it useful.

Give hints on how to include yadm as a submodule of the user's yadm repository.
This allows a yadm install when the user clones their repository into a new environment.

Hi,

I would very much like to use your program to organize my dotfiles; yadm seems like a really neat little utility! It seems to make it trivial to keep all my workstations in sync and also share my dotfiles with the world, which is a win-win.

There is a feature I cannot live without, however, and that is asymmetric encryption using public/private key pairs. Without asymmetric encryption I don't feel comfortable placing encrypted files alongside my dotfiles, and then I might as well just write bash scripts like I have done previously. I would love to see this in yadm, possibly as a configuration option like yadm.gpg-encryption-key, where if present uses a key pair instead of symmetric encryption.

Thanks a lot for the great program!

My current dotfiles setup is pretty typical. It is a git repo which has a script that runs thru and makes the proper symlinks.

I want to switch to yadm, as it will make managing this whole monstrosity much simpler. I have some questions:

1. Since I am using symlinks, I assume I cannot directly add the symlinked files to yadm (as it will maintain the symlink to the old repo). Is this correct?
2. Does anyone know of a simple script I can run to deference all of my current symlinks so I can yadm add this correctly ?
3. Stretch goal: would it be possible to do convert my current symlinked setup in one go?

Hopefully someone can relate. I love the idea of yadm and hope to make this work ASAP!

Among other platforms, I use yadm under Cygwin on Windows. Everything works perfectly as long as I'm running Cygwin-aware programs. Unfortunately, Cygwin symlinks are not understood by normal Windows programs. This means, for example, that SourceTree (Atlassian git GUI) cannot run, because my ~/.gitconfig file is not a real Windows file. This is true for all non-Cygwin-aware programs. Cygwin creates special files that it recognizes as symlinks, but Windows programs do not. They see them as files with nonsense contents.

Could we add an option to copy files instead of symlink them when creating alternates? That's my current workaround: after yadm creates the symlinks, I manually copy the files over the links.

Maybe something like yamd.symlink-alt, which defaults to true, but when set to false forces copies?

I can work on a PR if this is a desirable feature.

Sorry if this has been discussed before. I looked through the closed issues and didn't see anything.

Hi,

I want to be able to track system level files, like /etc/pacman.conf .
How does yadm manage permissions and ownership of such files?

Thanks!

I have 2 files using the alternate symlink method. One of these symlinks just fine using yadm alt the other is ignored:

➜ droberts@rotisseur  ~  ls -la | grep '##'
-rw-------  1 droberts droberts         0 Dec 17 21:53 .env_secrets##
-rw-------  1 droberts droberts       117 Dec 21 15:21 .env_secrets##Linux.rotisseur
lrwxrwxrwx  1 droberts droberts        48 Dec 21 15:49 .gitconfig.local -> /home/droberts/.gitconfig.local##Linux.rotisseur
-rw-rw-r--  1 droberts droberts        44 Dec 21 15:18 .gitconfig.local##
-rw-rw-r--  1 droberts droberts        55 Dec 21 15:18 .gitconfig.local##Linux.rotisseur
➜ droberts@rotisseur  ~  yadm alt
Linking /home/droberts/.gitconfig.local## to /home/droberts/.gitconfig.local
Linking /home/droberts/.gitconfig.local##Linux.rotisseur to /home/droberts/.gitconfig.local

I added some more test files using this name scheme and they were also ignored.

Using the latest yadm release on both of my machines using yadm.

Display something more useful when yadm config is run without options.

This is what I'm seeing:

[karma0:~] % yadm config user.name Bobby   
[karma0:~] % yadm config user.email [email protected]
[karma0:~] % yadm commit -am "Initializing"         

*** Please tell me who you are.

Run

  git config --global user.email "[email protected]"
  git config --global user.name "Your Name"

to set your account's default identity.
Omit --global to set the identity only in this repository.

fatal: empty ident name (for <(null)>) not allowed

It would be nice if we could change the gpg command used in the configuration, like with git gpg.program, or maybe simply use that one.

When I ran yadm encrypt, then yadm decrypt and having set the yadm.gpg-recipient to my personal gpg key I got a Bad passphrase error. Without being prompted for passphrase when decrypting.

I changed https://github.com/TheLocehiliosan/yadm/blob/master/yadm#L206 to:

(gpg --no-use-agent -d "$YADM_ARCHIVE" || echo 1) | tar v$tar_option -C "$YADM_WORK"

and then I was prompted for passphrase when decrypting. I'm on Ubuntu 16.04, gpg version 1.4.20

Maybe it's not really an issue. But I thought it might help somebody running in to the same problem.

How would you recommend a setup where you have different ssh keys. Work demands to that the key I use there is not shared.

I could just use a different name for work key and then have a host specific Config?

Establish a way specify wildcards within the naming convention used by the alt command. This would make it possible to do things like have a file match when a specific User is detected regardless of the other classifications.

Presently, if conflicting data already exists in $HOME when a repo is cloned, yadm responds by doing a git reset origin/master. This leaves the user with the need to resolve the conflicts. Often these conflicts are just overwritten by running yadm reset --hard origin/master. I think it would be much nicer to stash any conflicting data. This would start the user off with a clean repository, but also preserve any conflicting files.

Line 243, eval /bin/ls is used to list the files to encrypt. While this is probably to avoid aliased ls, it assumes ls is in /bin, which is not true in NixOS for exemple.
A workaround I have found would be to use $(whereis ls | cut -c 4-) instead of /bin/ls

Related to #52. Opening this issue to track the bug.

for Ubuntu trusty, xenial and yakkety (the LTS versions and the actual version in development) have a PPA for install

https://launchpad.net/~flexiondotorg/+archive/ubuntu/yadm

this can be indicated in the documentation.

Hi, after using yadm to sync my config to a new computer without problems a few months ago, I went back to try and encrypt some files and faced the following error.

> yadm encrypt
Encrypting the following files:

[...]

gpg-agent[37294]: command get_passphrase failed: Inappropriate ioctl for device
gpg: problem with the agent: Inappropriate ioctl for device
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `[stdin]' failed: Operation cancelled
ERROR: Unable to write /Users/sooheon/.yadm/files.gpg

Do you recognize this? I'm pretty unfamiliar with gpg, so this is highly likely to be user error, and may not have anything to do with yadm, but reporting just in case.

Add a new command bootstrap which will run a user created program. The purpose is to define a standard place to put logic that a user is likely to run every time they clone their dotfiles.

yadm uses hostname -s for determining the hostname, however this returns localhost on all of my Arch installs. This causes the alternate file handling to not work.

The /etc/hostname file on each of my systems contains the hostname on a single line.

I also put the hostname into the /etc/hosts file just like it is recommended in the Arch wiki

I also tried hostname -s on some Ubuntu installs I have access to, and it interestingly returns the real hostname correctly.

Also simply calling hostname returns the hostname correctly both on Arch and Ubuntu.

Hello, I'm maintainer of the AUR package - to follow convention of naming VCS based packages after the VCS they're using, I'm moving it from yadm to yadm-git.

Issue in pacaur's repository: rmarquis/pacaur#564

Package yadm is in proccess of removal, so it would be great to update documentation.

Regular linux and WSL linux may need different config files. Being able to manage these in YADM would be awesome.

It would be nice if in addition to using symlinks for certain class/hostname/... specific dotfiles, files with *.tpl could be processed by jinja with the context set to specific class/hostname/.... This would make writing e.g. .ssh/config for multiple classes (e.g. I want to have a different default username at work than at home) easier. Jinja is used by some configuration management tool, so it's nice to reuse that.

This could could be implemented via https://github.com/andreasjansson/envtpl and could be completely optional (e.g. yadm alt would only check for envtpl if a *.tpl file was committed and warn if the command is not available)

Example call:

YADM_CLASS=work YADM_HOSTNAME=mars ...  envtpl --keep-template .ssh/config.tpl

and .ssh/config.tpl

{% if YADM_CLASS == 'work' %}
Host *
    User js
{% else %}
Host *
    User jan
{% endif %}

After a successful clone, offer to run the bootstrap command (if it exists post-clone). Also add options to the clone command to force bootstrap to run or prevent bootstrap from running without any prompting.

Host a generic script in the yadm project repo which could be run via curl | bash. This script would perform a clone and bootstrap without having yadm installed. Possibly also include an option to export a yadm() function in the shell. This function could be a "stand-in" until yadm can be installed.

I'd love to use hub instead of git as the git executable as it adds some nice features especially when working against GitHub and private repos

The current version of alternates support variations based on OS (Darwin, Linux, etc), host name and user. This helps use cases which are specific to a given OS, machine name, or a user.

Will it be possible to add another variation that is based on a "machine type" concept? This way a file name can be specialized not only based on OS/machine/user, but also on "machine type".

Here is a made up example to illustrate what I mean:

$ cat ~/yadm_type
work
$ ls -l foo*
... foo -> foo##work#Darwin.host1.user_name
... foo##work#Darwin.host1.user_name
... foo##home#Linux.host1.user_name
$ echo -n home > ~/yadm_type
$ cat ~/yadm_type
home
$ ls -l foo*
... foo -> foo##home#Darwin.host1.user_name
... foo##work#Darwin.host1.user_name
... foo##home#Linux.host1.user_name

I gathered from this that symlinks would be created upon yadm decrypt:

If there are any files managed by yadm’s repository, or listed in $HOME/.yadm/encrypt, which match this naming convention, symbolic links will be created for the most appropriate version.

But appending ##Linux.host1 to my ~/.ssh keys and adding them to the ~/.yadm/encrypt file does nothing upon decrypting. What exactly does the above quote mean wrt to encrypt and symlinks?

An empty line in .yadm/encrypt causes all files to be included in the encrypted archive.

When yadm should create the symbolic links for alternate files? I pulled changes, decrypted the files, but no symbolic link was created for the decrypted alternate file although it matches the naming convention.

is there any bash completion for yadm?

I'm using yadm as root for /etc/nixos. I have put one filename in /root/.yadm/encrypt, the contents of the file is:

configuration.nix

Now I run encryption it says it will encrypt all files:

$ yadm encrypt
Encrypting the following files:
## lists all files here, not just configuration.nix

Any ideas what I'm doing wrong?

running yadm 1.05 and 1.07 CLASS links do not appear to link

in .yadm/config
CLASS = ABC

$HOME
.bashrc##Linux
. bashrc##ABC

yadm alt

.bashrc --> .bashrc##Linux

I am currently looking to manage my dotfiles better, and I am having a difficult time deciding between this solution and vcsh. I can't seem to find any good discussion on whether multiple repositories are better than one repository for dotfiles. Is there a clear example of this tradeoff somewhere?

What if I want to use yadm but not store even encrypted secret files in a public repo, is there some way to store them in a separate private repository?

Hi again,

I've created a gentoo ebuild for yadm, are you interested in this? If so, would you like it as a PR?

Sorry if was already covered in the docs - I went over the README and didn't understand this.

Background

There are programs like i3 that neither have an include mechanism, nor allow you to do the configuration based on the host/os (there's no if/else logic). In addition, it's sometimes undesirable to put all the config in the same file. For example, I can't put work related configuration in the same files because it might be confidential, but I want to share my dotfiles on github. This means that files must be split to multiple repos.
Does yadm support this use case? let's use i3 configuration as an example. Ideally, I'd be able to work with the following files:

• .i3config - my regular i3 config with common stuff, stored in one repo/branch.
• .i3config_work - an i3 config file specific to my work, stored in another repo/branch.

Is it possible to have yadm concatenate these files for me automatically, based, for example, on the hostname?

Thanks!

Hi, I just found yadm and it seems just perfect. Works nicely with dotfiles in home directory. However, I would like to use yadm for another directory (namely /etc/nixos). I was wondering if there is some easy supported way of doing this?

I ran yadm init as root in /etc/nixos and it initialized /root/.yadm. In file /root/.yadm/repo.git/config, I changed worktree to point to /etc/nixos instead of /root. Now, yadm manages files in /etc/nixos. If I also wanted to have .yadm directory under /etc/nixos, I need to use -Y /etc/nixos for all yadm commands, I suppose. Or is it possible to make yadm detect if there's .yadm directory under the current working directory or its parent directories and then use that automatically? Or do you have any suggestions on how to handle this setup?

I'm quite happy with the current setup where I manually modified /root/.yadm/repo.git/config and let .yadm be under /root but I'm just wondering if I could improve on this in case yadm has some built-in support.

Thanks a lot for yadm in any case! 👍

Hello,

I have some config things in git projects (e.g. .vim/bundle/YouCompleteMe). If I add the folder using yadm add it seems to show up correctly on bitbucket as submodules, but if I clone the repo using yadm clone then the folders are empty.

Any ideas how this could be fixed?

Generate example scripts that a user might invoke using the bootstrap command.

Possible examples:

• Vim plugin installation
• Update the yadm repo origin
• Initialize submodules
• yadm decrypt
• GPG key management
• Updating terminfo