passwdstore-personal

Technically an mirror of https://mau.dev/ajhalili2006/passwdstore-personal. https://mau.dev/ajhalili2006/passwdstore-personal

Go to file

Andrei Jiroh Halili a3332c1d72 Updated exported Public Keys		2023-07-30 22:58:22 +08:00
.github/workflows	Add GHA workflow to block PRs	2023-01-26 16:01:19 +00:00
.public-keys	Updated exported Public Keys	2023-07-30 22:58:22 +08:00
2fa	Move from 2fa/google.ajhalili2006-main/code to vault/personal/2fa-wp.com-ajhalili2006	2023-01-28 17:08:19 +00:00
keys	Save secret to keys/age/personal:	2023-01-28 16:44:02 +00:00
recovery-phases	Move from recovery-phases/valora-wallet to recovery-phrases/personal/crypto-valora	2023-01-28 15:48:07 +00:00
recovery-phrases/personal	Updated exported Public Keys	2023-01-28 15:55:30 +00:00
stellapent	Updated exported Public Keys	2023-01-28 15:55:30 +00:00
vault/personal	Move from vault/personal/2fa-wp.com-ajhalili2006 to vault/personal/2fa-google-andreijiroheugeniohalili24680	2023-01-28 17:08:53 +00:00
.gitattributes	Configure git repository for gpg file diff.	2021-12-17 23:26:51 +08:00
.gitignore	Add gitignore file to ignore swap files and stuff	2022-02-22 23:46:02 +08:00
.gpg-id	fsck	2023-01-28 15:51:28 +00:00
README.adoc	Update README to include install docs for gopass + Doppler in FAQs	2023-01-26 15:51:00 +00:00

README.adoc

:source-highlighter: pygments // technically needed for Asciidoc parsers for some code
:gitlab-personal-namespace: https://gitlab.com/ajhalili2006 // DO NOT UPDATE, dotfiles-secrets only exist in SaaS
= Andrei Jiroh's Passowrd Store

This is where I store some of my TOTP secrets and other cursed secrets I need to store in Git and in encrypted manner.
While I can safely store my encrypted secrets here in GPG, some cannot be here such as my SSH and GPG private keys, as they're
stored in {gitlab-personal-namespace}/dotfiles-secrets[an private repository only Andrei Jiroh can access].

== Usage docs

=== Setup

[source,bash]
----
# option 1: with passwordstore
doas apk add pass git gpg
pass git clone https://mau.dev/ajhalili2006/passstore-personal

# option 2: with gopass
# Debian and dervivative users should check https://github.com/gopasspw/gopass#debian-ubuntu-debian-raspbian-
# first. See also TBD
doas apk add gopass git gpg
gopass clone ssh://git@mau.dev/ajhalili2006/passwdstore-personal
# recommended: symlink ~/.password-store to our root gopass store
ln -s ~/.local/share/gopass/stores/root ~/.password-store
----

=== Adding new entry

TBD

== Note on whoever manage this repo as noted on my will

You must keep all of my GPG private keys private and hidden from the public eye and its key passwords well-guarded against
hackers and other people trying to get as much as senstive information hidden under encryption.

Technically, DO NOT LEAK ANYTHING UNENCRYPTED, ESPECIALLY FROM THIS REPO.

== FAQs

=== Do this replace your usage of your current password manager (Bitwarden)

Technically no. While I can still access them through the official CLI (himt: `npm i -g @bitwarden/cli`), I do not want
to lose access to the TOTP codes, especially it's always a painful process to do the recovery processes through identity
verification and sometimes, the brute-force hell.

=== What's about Doppler?

`pass`/`gopass` are being in use in combination with Doppler, an SecretOps cloud service, to store secrets. The
biggest difference here is the earlier uses GPG for encryption and Git for version control while the latter is
more complex and even store the keys to encrypt/decrypt stuff in a HSM.

== License

This documentation is licensed under CC BY-SA 4.0 Unported, while the rest are either under the default copyright
rules or the MIT license. Check the headers of each file to avoid possible copyright issues. Stuff that are encrypted
through GPG are not covered by MIT license.