
secret storage via 'pass' utility

Innocenty Enikeew 8 năm trước cách đây
mục cha
commit
47d5cdaea0
2 tập tin đã thay đổi với 23 bổ sung0 xóa
  1. 1 0
      chatikbot.asd
  2. 22 0
      secrets.lisp

+ 1 - 0
chatikbot.asd

@@ -27,6 +27,7 @@
   :components ((:file "package")
                (:file "patmatch")
                (:file "utils")
+               (:file "secrets")
                (:file "db")
                (:file "telegram")
                (:file "server")

+ 22 - 0
secrets.lisp

@@ -0,0 +1,22 @@
+(in-package #:chatikbot)
+
+(defvar *secret-ring* nil "GPG keyring path")
+(defvar *secret-pass-store* nil "pass store dir")
+(defvar *secret-pass-bin* "pass" "pass util binary")
+
+(defun %secret/pass (args &key input output error-output)
+  (ignore-errors
+    (uiop:run-program
+     (format nil "~@[GNUPGHOME=~A ~]~@[PASSWORD_STORE_DIR=~A ~]~A ~A"
+             *secret-ring* *secret-pass-store* *secret-pass-bin*
+             args)
+     :input input :output output :error-output error-output)))
+
+(defun secret/get (path)
+  (%secret/pass (format nil "show ~{~A~^/~}" path)
+                :output :string))
+
+(defun secret/set (path value)
+  (with-input-from-string (input value)
+    (%secret/pass (format nil "insert --force  --multiline ~{~A~^/~}" path)
+                  :input input :output :string)))
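Review bot: `%secret/pass` builds a single command string with `format` and hands it to `uiop:run-program`, which runs a string command through the shell, so every `path` component in `secret/get` and `secret/set`, as well as `*secret-ring*` and `*secret-pass-store*`, reaches the shell unquoted. If any component can originate from chat input (the callers are not visible in this commit), that is command injection into a process that can read the password store. Passing the command as a list of strings avoids the shell, with `env` carrying the two optional variables as sketched below; components that begin with `-` or equal `..` should also be rejected before the call. Separately, `ignore-errors` returns NIL both for a missing entry and for a failed `pass`/`gpg` run, so `secret/set` can fail silently; a docstring on each function stating that contract would help callers.

```lisp
;; … unchanged: in-package and the three defvars …
(defun %secret/pass (args &key input output error-output)
  (ignore-errors
    (uiop:run-program
     ;; A list command is executed directly instead of being parsed by the shell.
     (append (list "env")
             (when *secret-ring*
               (list (format nil "GNUPGHOME=~A" *secret-ring*)))
             (when *secret-pass-store*
               (list (format nil "PASSWORD_STORE_DIR=~A" *secret-pass-store*)))
             (list *secret-pass-bin*)
             args)
     :input input :output output :error-output error-output)))

(defun secret/get (path)
  (%secret/pass (list "show" (format nil "~{~A~^/~}" path))
                :output :string))

(defun secret/set (path value)
  (with-input-from-string (input value)
    (%secret/pass (list "insert" "--force" "--multiline"
                        (format nil "~{~A~^/~}" path))
                  :input input :output :string)))
```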