Re: [debops-users] How to disable the encryption of paths and filenames in encfs?
On Aug 01, Imre Jonk wrote:
We now run the playbooks from our workstations, storing our secrets
in
Git as well. These secrets are encrypted with encfs using the
debops-padlock script. This works well on Debian 10 and Ubuntu 18.04
(thanks Hartmut!), even so that we don't use the Ansible controller anymore.
There's just one problem: the encfs paths and filenames are stored in
encrypted form in Git, which makes merge conflicts a lot harder to
solve. I've been looking for ways to disable this but can't find
anything in the encfs manual (or anywhere for that matter). So, my
question is: does anyone know how to disable this?
I'm not sure if filename encryption in 'encfs' can be disabled, most likely
not. Even if it could, you probably still would have issues with encrypted
contents of the files.
Perhaps using 'git-crypt'[1] instead of 'encfs' could be a better
solution?
You could write up documentation about its usage and needed steps in DebOps
when you make it work.
Cheers,
Maciej
[1]: https://packages.debian.org/buster/git-crypt
Attachments:
- attachment.sig (application/pgp-signature — 585 bytes)