feat: better decryption method

.gitignore

@@ -0,0 +1,2 @@
+*.decrypted
+.vault_password

Makefile

@@ -0,0 +1,43 @@
+# Ansible Vault encrypted files installer
+# Usage: make install PASSWORD=yourpassword
+
+PASSWORD ?= 
+PASSWORD_FILE = .vault_password
+
+.PHONY: install decrypt clean
+
+
+_init_password_file:
+	@if [ ! -f $(PASSWORD_FILE) ]; then \
+		echo "$(PASSWORD)" > $(PASSWORD_FILE); \
+		chmod 600 $(PASSWORD_FILE); \
+	fi
+
+
+_destroy_password_file:
+	@if [ -f $(PASSWORD_FILE) ]; then \
+		rm -f $(PASSWORD_FILE); \
+	fi
+
+
+_install:
+	@mkdir -p $(HOME)/.ssh $(HOME)/.gnupg
+	@echo "$(PASSWORD)" | ansible-vault decrypt --output $(HOME)/.ssh/id_ed25519 id_ed25519 --vault-password-file=$(PASSWORD_FILE)
+	@chmod 600 $(HOME)/.ssh/id_ed25519
+	@echo "$(PASSWORD)" | ansible-vault decrypt --output $(HOME)/.gnupg/private.gpg private.gpg --vault-password-file=$(PASSWORD_FILE)
+	@chmod 600 $(HOME)/.gnupg/private.gpg
+	@echo "Keys installed successfully"
+
+install: _init_password_file _install _destroy_password_file
+
+# Decrypt files to current directory (for inspection)
+_decrypt:
+	@ansible-vault decrypt --output id_ed25519.decrypted id_ed25519 --vault-password-file=$(PASSWORD_FILE)
+	@ansible-vault decrypt --output private.gpg.decrypted private.gpg --vault-password-file=$(PASSWORD_FILE)
+	@chmod 600 id_ed25519.decrypted private.gpg.decrypted
+
+decrypt: _init_password_file _decrypt _destroy_password_file
+
+
+clean:
+	@rm -f *.decrypted