The problem I was facing lately was quite simple.
I use vimwiki to keep my notes organized. Now, I want to synchronize my notes with other devices, having them available wherever I might need them. Since vimWiki stores plaintext files in a folder, that sounds like a perfect job for git.
Now, I like to have my git-repos accessible from the internet. That leaves me with the problem of storing my personal notes in plaintext on a server in someone else’s datacenter.
Searching allover the internet for a solution that doesn’t involve some
extra sync-client (like a VeraCrypt-Container in a dropbox) and that
doesn’t break the ability to cleanly solve conflicts between edits on
different devices I found
This nice little tool let’s you have pgp-encrypted git-remotes, which was exactly what I was looking for.
On Arch-Linux there is an AUR-package available, so no further
On other systems, just use the supplied
install.sh -script as
mentioned in the project’s readme. Since it’s written in
-shell it should run on every modern OS without problems.
Setting up an encrypted remote
To add a git-remote as an encrypted one, just prefix it’s git-uri with
gcrypt::, like this:
git remote add <remote> gcrypt::ssh://email@example.com:secrets
Setting up keys
In order for
gcrypt to properly encrypt your data you should
configure the proper keys in the local repository’s config. Here is an
git config remote.remotename.<remote>.gcrypt-participate "key1 key2"
This will make gcrypt encrypt the remote for the keys
A word of warning
Since every push on the remote is effectively a force-push, make sure to always pull before you push!
Using a plain git-uri (like GitHub or similar do) to push-access your repository effectively transfers the whole repository-content on every push. For larger repo, consider to choose a server that supports rsync-transfer or similar.
I have been playing around with this tool for quite some time now, testing different use-cases. It definitely has it’s place on my toolbelt now.