docs: Update git-crypt key management instructions and pre-commit check

Matteo Cherubini 2026-05-09 11:34:20 +02:00
parent f8f950fd7a
commit 4ed7b8edd0
3 changed files with 24 additions and 7 deletions


@ -16,7 +16,7 @@ gcrypt_export_key() {
mkdir -p "${KEYS_DIR}" mkdir -p "${KEYS_DIR}"
git-crypt export-key "$key_path" git-crypt export-key "$key_path"
success "Symmetric key exported to: $key_path" success "Symmetric key exported to: $key_path"
warn "Action required: Store this key in Vaultwarden and remove it from local disk." warn "Action required: store this key in Vaultwarden and delete it from disk."
} }
gcrypt_verify() { gcrypt_verify() {
@ -162,9 +162,16 @@ gcrypt_print_key_instructions() {
echo " Name: \"${genome_name} key\"" echo " Name: \"${genome_name} key\""
echo " Note: <paste the base64 string>" echo " Note: <paste the base64 string>"
echo "" echo ""
echo " 3. For AI Server / Runtime Injection:" echo " 3. Delete from disk:"
echo " export BW_SESSION=\$(bw unlock --raw)" echo " rm ${KEYS_DIR}/${genome_name}.key"
echo ""
echo " 4. Runtime injection on AI server (no key on disk):"
echo " bw config server ${v_url}"
echo " export BW_SESSION=\$(bw unlock --passwordenv BW_MASTER_PASSWORD --raw)"
echo " git-crypt unlock <(bw get notes \"${genome_name} key\" --session \"\$BW_SESSION\" | base64 -d)" echo " git-crypt unlock <(bw get notes \"${genome_name} key\" --session \"\$BW_SESSION\" | base64 -d)"
echo ""
echo " NOTE: use 'bw' (standard Bitwarden CLI), NOT 'bws'."
echo " 'bws' is the Secrets Manager CLI and does not work with Vaultwarden."
} }
gcrypt_print_runtime_model() { gcrypt_print_runtime_model() {
@ -181,13 +188,13 @@ gcrypt_print_runtime_model() {
echo " smudge filter. Obsidian reads them as normal Markdown." echo " smudge filter. Obsidian reads them as normal Markdown."
echo "" echo ""
echo " On the AI VM:" echo " On the AI VM:"
echo " Same as laptop when unlocked. Use runtime injection (step 5" echo " Same as laptop when unlocked. Use runtime injection so the"
echo " above) so the key is never written to disk." echo " key is never written to disk."
echo "" echo ""
echo " Limitation:" echo " Limitation:"
echo " Encryption does NOT protect against a full server compromise" echo " Encryption does NOT protect against a full server compromise"
echo " where an attacker has root access to a machine where the repo" echo " where an attacker has root access to an already-unlocked repo."
echo " is already unlocked. Runtime injection mitigates this." echo " Runtime injection mitigates this risk."
echo " ─────────────────────────────────────────────────────────────" echo " ─────────────────────────────────────────────────────────────"
echo "" echo ""
} }
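Review bot: The "no key on disk" claim in the new step-4 heading of gcrypt_print_key_instructions, and the matching text in gcrypt_print_runtime_model (`Use runtime injection so the key is never written to disk`, `Runtime injection mitigates this risk`), is not accurate: `git-crypt unlock` copies the supplied key into `.git/git-crypt/keys/default` so the smudge/clean filters can read it, it stays there until `git-crypt lock` is run, and the working tree is plaintext for the whole unlocked period. Feeding the key through `<(…)` only avoids a file under `${KEYS_DIR}`; an attacker with root on an unlocked VM still gets both the key and the plaintext, so the Limitation paragraph should say runtime injection shortens the exposure window rather than mitigates root compromise. I would reword the heading to `4. Runtime injection on AI server (no key file in ${KEYS_DIR}):` and add a closing step `git-crypt lock   # removes .git/git-crypt/keys/* and re-encrypts the worktree when the session ends`. While here, the printed step-3 command should quote its path, `rm \"${KEYS_DIR}/${genome_name}.key\"`, and note that `BW_MASTER_PASSWORD` in the environment is visible to anything else running as that user. Both functions start outside the visible hunks.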


@ -38,6 +38,9 @@ current prompt, you MUST operate in `disabled` mode. Never infer or assume the v
- **Never leak private synthesis into public `wiki/concepts/` or `wiki/sources/`.** - **Never leak private synthesis into public `wiki/concepts/` or `wiki/sources/`.**
- Prefix every response that draws on private data with: `[PRIVATE DATA INCLUDED]` - Prefix every response that draws on private data with: `[PRIVATE DATA INCLUDED]`
### Pre-commit failures:
If a commit is rejected by the pre-commit hook with a **"PLAINTEXT LEAK DETECTED"** warning, **DO NOT** attempt to bypass it with `--no-verify`. Stop the session and ask the operator to verify the encryption state and `.gitattributes`.
### On the AI server — runtime key injection: ### On the AI server — runtime key injection:
The git-crypt key must never be stored as a persistent file on the AI VM. The git-crypt key must never be stored as a persistent file on the AI VM.
```bash ```bash


@ -10,6 +10,13 @@ set -euo pipefail
PRIVATE_PATTERNS=("raw/private/" "wiki/private/") PRIVATE_PATTERNS=("raw/private/" "wiki/private/")
FAILED=0 FAILED=0
# Check on git-crypt
if [[ ! -d ".git-crypt" ]]; then
echo -e "\n\033[0;31m[CRITICAL] git-crypt is not initialized in this repository.\033[0m"
echo "Run 'git-crypt init' and 'make setup' before committing."
exit 1
fi
# Get staged files (excluding deletions) # Get staged files (excluding deletions)
STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM 2>/dev/null || true) STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM 2>/dev/null || true)
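Review bot: The new guard tests for a top-level `.git-crypt` directory, but `git-crypt init` creates its state under `.git/git-crypt/` (the key lands in `.git/git-crypt/keys/default`); a top-level `.git-crypt/` only appears after `git-crypt add-gpg-user`, which this symmetric-key/Vaultwarden workflow does not use, so the check will likely either reject every commit or, if such a directory was committed once, pass on a fresh locked clone where the clean filter is not configured and a staged private file would go in as plaintext. Testing the git dir instead — `[[ -f "$(git rev-parse --git-dir)/git-crypt/keys/default" ]] || { echo -e "\n\033[0;31m[CRITICAL] git-crypt is not initialized/unlocked in this repository.\033[0m"; exit 1; }` — checks the condition that actually makes encryption happen and also works from linked worktrees. It is also worth failing closed when the binary itself is absent, `command -v git-crypt >/dev/null || { echo "[CRITICAL] git-crypt is not installed"; exit 1; }`, since the rest of the hook presumably relies on it. The staged-file scan this guard precedes continues outside the hunk.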