Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| b9b9082008 | |||
| bd54491c1d | |||
| 57d252cee4 | |||
| 78030230c5 | |||
| adfb087037 | |||
| 5570f82eb4 | |||
| bffe7bde12 | |||
| 3e0aabef4a |
@@ -708,7 +708,8 @@ sgard/
|
||||
sgardpb/ # Generated protobuf + gRPC Go code
|
||||
proto/sgard/v1/ # Proto source definitions
|
||||
|
||||
flake.nix # Nix flake (builds sgard + sgardd)
|
||||
VERSION # Semver string, read by flake.nix; synced from latest git tag via `make version`
|
||||
flake.nix # Nix flake (builds sgard + sgardd, version from VERSION file)
|
||||
.goreleaser.yaml # GoReleaser (builds both binaries)
|
||||
```
|
||||
|
||||
|
||||
9
Makefile
9
Makefile
@@ -1,4 +1,6 @@
|
||||
.PHONY: proto build test lint clean
|
||||
VERSION := $(shell git describe --tags --abbrev=0 | sed 's/^v//')
|
||||
|
||||
.PHONY: proto build test lint clean version
|
||||
|
||||
proto:
|
||||
protoc \
|
||||
@@ -7,8 +9,11 @@ proto:
|
||||
-I proto \
|
||||
proto/sgard/v1/sgard.proto
|
||||
|
||||
version:
|
||||
@echo $(VERSION) > VERSION
|
||||
|
||||
build:
|
||||
go build ./...
|
||||
go build -ldflags "-X main.version=$(VERSION)" ./...
|
||||
|
||||
test:
|
||||
go test ./...
|
||||
|
||||
@@ -111,3 +111,5 @@ Phase 6: Manifest Signing (to be planned).
|
||||
| 2026-03-25 | — | `sgard info` command: shows detailed file information (status, hash, timestamps, mode, encryption, targeting). 5 tests. |
|
||||
| 2026-03-25 | — | Deploy sgardd to rift: Dockerfile, docker-compose, mc-proxy L4 route on :9443, Metacrypt TLS cert, DNS. |
|
||||
| 2026-03-25 | — | `sgard remote set/show`: persistent remote config in `<repo>/remote.yaml` (addr, tls, tls_ca). |
|
||||
| 2026-03-26 | — | `sgard list` remote support: uses `resolveRemoteConfig()` to list server manifest via `PullManifest` RPC. Client `List()` method added. |
|
||||
| 2026-03-26 | — | Version derived from git tags via `VERSION` file. flake.nix reads `VERSION`; Makefile `version` target syncs from latest tag, `build` injects via ldflags. |
|
||||
|
||||
@@ -8,6 +8,7 @@ import (
|
||||
"io"
|
||||
|
||||
"github.com/kisom/sgard/garden"
|
||||
"github.com/kisom/sgard/manifest"
|
||||
"github.com/kisom/sgard/server"
|
||||
"github.com/kisom/sgard/sgardpb"
|
||||
"golang.org/x/crypto/ssh"
|
||||
@@ -205,8 +206,8 @@ func (c *Client) doPull(ctx context.Context, g *garden.Garden) (int, error) {
|
||||
serverManifest := server.ProtoToManifest(pullResp.GetManifest())
|
||||
localManifest := g.GetManifest()
|
||||
|
||||
// If local is newer or equal, nothing to do.
|
||||
if !serverManifest.Updated.After(localManifest.Updated) {
|
||||
// If local has files and is newer or equal, nothing to do.
|
||||
if len(localManifest.Files) > 0 && !serverManifest.Updated.After(localManifest.Updated) {
|
||||
return 0, nil
|
||||
}
|
||||
|
||||
@@ -273,6 +274,22 @@ func (c *Client) doPull(ctx context.Context, g *garden.Garden) (int, error) {
|
||||
return blobCount, nil
|
||||
}
|
||||
|
||||
// List fetches the server's manifest and returns its entries without
|
||||
// downloading any blobs. Automatically re-authenticates if needed.
|
||||
func (c *Client) List(ctx context.Context) ([]manifest.Entry, error) {
|
||||
var entries []manifest.Entry
|
||||
err := c.retryOnAuth(ctx, func() error {
|
||||
resp, err := c.rpc.PullManifest(ctx, &sgardpb.PullManifestRequest{})
|
||||
if err != nil {
|
||||
return fmt.Errorf("list remote: %w", err)
|
||||
}
|
||||
m := server.ProtoToManifest(resp.GetManifest())
|
||||
entries = m.Files
|
||||
return nil
|
||||
})
|
||||
return entries, err
|
||||
}
|
||||
|
||||
// Prune requests the server to remove orphaned blobs. Returns the count removed.
|
||||
// Automatically re-authenticates if needed.
|
||||
func (c *Client) Prune(ctx context.Context) (int, error) {
|
||||
|
||||
@@ -1,13 +1,12 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/kisom/sgard/garden"
|
||||
"github.com/spf13/cobra"
|
||||
"golang.org/x/term"
|
||||
)
|
||||
|
||||
var (
|
||||
@@ -60,12 +59,17 @@ var addCmd = &cobra.Command{
|
||||
|
||||
func promptPassphrase() (string, error) {
|
||||
fmt.Fprint(os.Stderr, "Passphrase: ")
|
||||
scanner := bufio.NewScanner(os.Stdin)
|
||||
if scanner.Scan() {
|
||||
return strings.TrimSpace(scanner.Text()), nil
|
||||
fd := int(os.Stdin.Fd())
|
||||
passphrase, err := term.ReadPassword(fd)
|
||||
fmt.Fprintln(os.Stderr)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("reading passphrase: %w", err)
|
||||
}
|
||||
if len(passphrase) == 0 {
|
||||
return "", fmt.Errorf("no passphrase provided")
|
||||
}
|
||||
return string(passphrase), nil
|
||||
}
|
||||
|
||||
func init() {
|
||||
addCmd.Flags().BoolVar(&encryptFlag, "encrypt", false, "encrypt file contents before storing")
|
||||
|
||||
@@ -1,22 +1,56 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/kisom/sgard/garden"
|
||||
"github.com/kisom/sgard/manifest"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
var listCmd = &cobra.Command{
|
||||
Use: "list",
|
||||
Short: "List all tracked files",
|
||||
Long: "List all tracked files locally, or on the remote server with -r.",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
addr, _, _, _ := resolveRemoteConfig()
|
||||
if addr != "" {
|
||||
return listRemote()
|
||||
}
|
||||
return listLocal()
|
||||
},
|
||||
}
|
||||
|
||||
func listLocal() error {
|
||||
g, err := garden.Open(repoFlag)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
entries := g.List()
|
||||
printEntries(g.List())
|
||||
return nil
|
||||
}
|
||||
|
||||
func listRemote() error {
|
||||
ctx := context.Background()
|
||||
|
||||
c, cleanup, err := dialRemote(ctx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer cleanup()
|
||||
|
||||
entries, err := c.List(ctx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
printEntries(entries)
|
||||
return nil
|
||||
}
|
||||
|
||||
func printEntries(entries []manifest.Entry) {
|
||||
for _, e := range entries {
|
||||
switch e.Type {
|
||||
case "file":
|
||||
@@ -31,9 +65,6 @@ var listCmd = &cobra.Command{
|
||||
fmt.Printf("%-6s %s\n", "dir", e.Path)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
},
|
||||
}
|
||||
|
||||
func init() {
|
||||
|
||||
@@ -133,7 +133,7 @@ func dialRemote(ctx context.Context) (*client.Client, func(), error) {
|
||||
|
||||
func main() {
|
||||
rootCmd.PersistentFlags().StringVar(&repoFlag, "repo", defaultRepo(), "path to sgard repository")
|
||||
rootCmd.PersistentFlags().StringVar(&remoteFlag, "remote", "", "gRPC server address (host:port)")
|
||||
rootCmd.PersistentFlags().StringVarP(&remoteFlag, "remote", "r", "", "gRPC server address (host:port)")
|
||||
rootCmd.PersistentFlags().StringVar(&sshKeyFlag, "ssh-key", "", "path to SSH private key")
|
||||
rootCmd.PersistentFlags().BoolVar(&tlsFlag, "tls", false, "use TLS for remote connection")
|
||||
rootCmd.PersistentFlags().StringVar(&tlsCAFlag, "tls-ca", "", "path to CA certificate for TLS verification")
|
||||
|
||||
@@ -10,13 +10,17 @@ import (
|
||||
|
||||
var pullCmd = &cobra.Command{
|
||||
Use: "pull",
|
||||
Short: "Pull checkpoint from remote server",
|
||||
Short: "Pull checkpoint from remote server and restore files",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
ctx := context.Background()
|
||||
|
||||
g, err := garden.Open(repoFlag)
|
||||
if err != nil {
|
||||
return err
|
||||
// Repo doesn't exist yet — init it so pull can populate it.
|
||||
g, err = garden.Init(repoFlag)
|
||||
if err != nil {
|
||||
return fmt.Errorf("init repo for pull: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
c, cleanup, err := dialRemote(ctx)
|
||||
@@ -32,9 +36,22 @@ var pullCmd = &cobra.Command{
|
||||
|
||||
if pulled == 0 {
|
||||
fmt.Println("Already up to date.")
|
||||
} else {
|
||||
fmt.Printf("Pulled %d blob(s).\n", pulled)
|
||||
return nil
|
||||
}
|
||||
|
||||
fmt.Printf("Pulled %d blob(s).\n", pulled)
|
||||
|
||||
if g.HasEncryption() && g.NeedsDEK(g.List()) {
|
||||
if err := unlockDEK(g); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if err := g.Restore(nil, true, nil); err != nil {
|
||||
return fmt.Errorf("restore after pull: %w", err)
|
||||
}
|
||||
|
||||
fmt.Println("Restore complete.")
|
||||
return nil
|
||||
},
|
||||
}
|
||||
|
||||
19
flake.nix
19
flake.nix
@@ -11,17 +11,20 @@
|
||||
let
|
||||
pkgs = import nixpkgs { inherit system; };
|
||||
in
|
||||
let
|
||||
version = builtins.replaceStrings [ "\n" ] [ "" ] (builtins.readFile ./VERSION);
|
||||
in
|
||||
{
|
||||
packages = {
|
||||
sgard = pkgs.buildGoModule {
|
||||
sgard = pkgs.buildGoModule rec {
|
||||
pname = "sgard";
|
||||
version = "2.1.0";
|
||||
inherit version;
|
||||
src = pkgs.lib.cleanSource ./.;
|
||||
subPackages = [ "cmd/sgard" "cmd/sgardd" ];
|
||||
|
||||
vendorHash = "sha256-LSz15iFsP4N3Cif1PFHEKg3udeqH/9WQQbZ50sxtWTk=";
|
||||
vendorHash = "sha256-Z/Ja4j7YesNYefQQcWWRG2v8WuIL+UNqPGwYD5AipZY=";
|
||||
|
||||
ldflags = [ "-s" "-w" ];
|
||||
ldflags = [ "-s" "-w" "-X main.version=${version}" ];
|
||||
|
||||
meta = {
|
||||
description = "Shimmering Clarity Gardener: dotfile management";
|
||||
@@ -29,19 +32,19 @@
|
||||
};
|
||||
};
|
||||
|
||||
sgard-fido2 = pkgs.buildGoModule {
|
||||
sgard-fido2 = pkgs.buildGoModule rec {
|
||||
pname = "sgard-fido2";
|
||||
version = "2.1.0";
|
||||
inherit version;
|
||||
src = pkgs.lib.cleanSource ./.;
|
||||
subPackages = [ "cmd/sgard" "cmd/sgardd" ];
|
||||
|
||||
vendorHash = "sha256-LSz15iFsP4N3Cif1PFHEKg3udeqH/9WQQbZ50sxtWTk=";
|
||||
vendorHash = "sha256-Z/Ja4j7YesNYefQQcWWRG2v8WuIL+UNqPGwYD5AipZY=";
|
||||
|
||||
buildInputs = [ pkgs.libfido2 ];
|
||||
nativeBuildInputs = [ pkgs.pkg-config ];
|
||||
tags = [ "fido2" ];
|
||||
|
||||
ldflags = [ "-s" "-w" ];
|
||||
ldflags = [ "-s" "-w" "-X main.version=${version}" ];
|
||||
|
||||
meta = {
|
||||
description = "Shimmering Clarity Gardener: dotfile management (with FIDO2 hardware support)";
|
||||
|
||||
Reference in New Issue
Block a user