From 7b8fce8b69d2bd75c20a9f2db3dd9840d2cd97d7 Mon Sep 17 00:00:00 2001 From: Jon Kinney Date: Wed, 25 Dec 2024 07:05:09 -0600 Subject: [PATCH 1/2] docs: reference templates in top-level passwd mgmt It's important for people to understand that the password manager feature is an extension/implementation of the existing templating capabilities of Chezmoi. --- .../user-guide/password-managers/index.md | 33 ++++++++++++++++--- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/assets/chezmoi.io/docs/user-guide/password-managers/index.md b/assets/chezmoi.io/docs/user-guide/password-managers/index.md index a756ba8a73b..f5efdb9a57b 100644 --- a/assets/chezmoi.io/docs/user-guide/password-managers/index.md +++ b/assets/chezmoi.io/docs/user-guide/password-managers/index.md @@ -1,6 +1,29 @@ -# Password manager integration +# Password Manager Integration -Template functions allow you to retrieve secrets from many popular password -managers. Using a password manager allows you to keep all your secrets in one -place, make your dotfiles repo public, and synchronize changes to secrets -across multiple machines. +Using a password manager with Chezmoi enables you to maintain a public +dotfiles repository while keeping your secrets secure. Chezmoi extends its +existing [templating capabilities](../templating.md) by providing password +manager specific _template functions_ for many popular password managers. + +When Chezmoi applies a template with a secret referenced from a password +manager, it will automatically fetch the secret value and insert it into the +generated destination file. + +## Example: Template with Password Manager Integration + +Here's a practical example of a `.zshrc.tmpl` file that retrieves an OpenAI API +key from 1Password while maintaining other standard shell configurations: + +```zsh +# set up $PATH +# … + +# OpenAI API Key retrieved from 1Password +export OPENAI_API_KEY='{{ onepasswordRead "op://Personal/openai-api-key/password" }}' + +# set up aliases and useful functions +``` + +In this example, the `OPENAI_API_KEY` is retrieved from a 1Password vault +named `Personal`, specifically from an item called `openai-api-key` in the +`password` field. From 4a555f96151e225a03c50d505340870d405d310c Mon Sep 17 00:00:00 2001 From: Jon Kinney Date: Fri, 27 Dec 2024 16:24:26 -0600 Subject: [PATCH 2/2] Update assets/chezmoi.io/docs/user-guide/password-managers/index.md Co-authored-by: Austin Ziegler --- .../docs/user-guide/password-managers/index.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/assets/chezmoi.io/docs/user-guide/password-managers/index.md b/assets/chezmoi.io/docs/user-guide/password-managers/index.md index f5efdb9a57b..8b0cbf880ed 100644 --- a/assets/chezmoi.io/docs/user-guide/password-managers/index.md +++ b/assets/chezmoi.io/docs/user-guide/password-managers/index.md @@ -11,19 +11,19 @@ generated destination file. ## Example: Template with Password Manager Integration -Here's a practical example of a `.zshrc.tmpl` file that retrieves an OpenAI API -key from 1Password while maintaining other standard shell configurations: +Here's a practical example of a `.zshrc.tmpl` file that retrieves an CloudFlare +API token from 1Password while maintaining other standard shell configurations: ```zsh # set up $PATH # … -# OpenAI API Key retrieved from 1Password -export OPENAI_API_KEY='{{ onepasswordRead "op://Personal/openai-api-key/password" }}' +# Cloudflare API Token retrieved from 1Password for use with flarectl +export CF_API_TOKEN='{{ onepasswordRead "op://Personal/cloudlfare-api-token/password" }}' # set up aliases and useful functions ``` -In this example, the `OPENAI_API_KEY` is retrieved from a 1Password vault -named `Personal`, specifically from an item called `openai-api-key` in the +In this example, the `CF_API_TOKEN` is retrieved from a 1Password vault +named `Personal`, specifically from an item called `cloudflare-api-token` in the `password` field.