git-crypt enables transparent encryption and decryption of files in a git repository.

Here is a demo of how to use git-crypt to encrypt files in a git repository.

# Step 1: Install git-crypt

brew install git-crypt
git-crypt init # in an initialized git repository

Specify files to encrypt by creating a .gitattributes file:

# The config is similar to .gitignore
accounts/*.bean filter=git-crypt diff=git-crypt
*.md         filter=git-crypt diff=git-crypt
*.png        filter=git-crypt diff=git-crypt
*.jpg        filter=git-crypt diff=git-crypt
*.excalidraw filter=git-crypt diff=git-crypt
*.txt        filter=git-crypt diff=git-crypt
*.pdf        filter=git-crypt diff=git-crypt
*.json       filter=git-crypt diff=git-crypt

# Making sure that .gitattributes is never encrypted. DON'T TOUCH THAT LINE AND ONE BELOW
.gitattributes !filter !diff

# Step 2: Add files

git add .
git commit -m "Add git-crypt"
git push

# Step 3: Check git-crypt status

• git-crypt status -e Show encrypted files only
• git-crypt status -u Show unencrypted files only
• git-crypt status -f Fix problems with the repository

# Results

The beancount file is encrypted.

# Subsequent Updates

## Update on January 30, FUCK

TL;DR

I messed around and locked myself out.

Detail

This silly tool allows you to lock the repository even if you don’t export the symmetric key.

And then, I locked myself out without exporting the symmetric key.

Because for “security”, I only kept the encrypted commits and deleted all previous commit logs.

So I fucked up.

😊 What a “pleasant day” it has been.